CVSS: 10.0EPSS: 10%CPEs: 1EXPL: 0CVE-2011-0916 – IBM Lotus Domino SMTP Multiple Filename Arguments Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0916
07 Feb 2011 — Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message, aka SPR KLYH889M8H. Desbordamiento de búfer basado en pila en el servicio SMTP en IBM Lotus Domino, permite a atacantes remotos ejecutar código de su elección a través de largos argumentos en un parámetro de nombre de archivo con un mensaje de correo electrónico MIME mal formado. This vulnerability allows remote a... • http://secunia.com/advisories/43247 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 32%CPEs: 1EXPL: 2CVE-2011-0917 – IBM Lotus Domino LDAP Bind Request Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0917
07 Feb 2011 — Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code via a long string in an LDAP Bind operation, aka SPR KLYH87LMVX. Desbordamiento de búfer en nLDAP.exe en IBM Lotus Domino permite a atacantes remotos ejecutar código de su elección a través de una operación "LDAP Bind", también conocido como SPR KLYH87LMVX. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exp... • https://www.exploit-db.com/exploits/16190 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 10%CPEs: 1EXPL: 0CVE-2011-0918 – IBM Lotus Domino Calendar Request Attachment Name Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0918
07 Feb 2011 — Stack-based buffer overflow in the NRouter (aka Router) service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long filenames associated with Content-ID and ATTACH:CID headers in attachments in malformed calendar-request e-mail messages, aka SPR KLYH87LKRE. Desbordamiento de búfer basado en pila en el servicio NRouter (también conocido como Router) de IBM Lotus Domino permite a atacantes remotos ejecutar código de su elección a través de nombres largos de archivo asociado con cabe... • http://secunia.com/advisories/43224 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 12%CPEs: 1EXPL: 0CVE-2011-0919 – IBM Lotus Domino IMAP/POP3 Non-Printable Character Expansion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0919
07 Feb 2011 — Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP services in IBM Lotus Domino allow remote attackers to execute arbitrary code via non-printable characters in an envelope sender address, aka SPR KLYH87LLVJ. Múltiples desbordamientos de búfer basados en la pila en los servicios (1) POP3 y (2) IMAP en IBM Lotus Domino permite a atacantes remotos ejecutar código de su elección a través de caracteres no imprimibles en una dirección del remitente, también conocido como SPR KLYH87LLVJ. This vuln... • http://secunia.com/advisories/43224 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 77%CPEs: 11EXPL: 4CVE-2010-3407 – IBM Lotus Domino iCalendar - Email Address Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-3407
16 Sep 2010 — Stack-based buffer overflow in the MailCheck821Address function in nnotes.dll in the nrouter.exe service in the server in IBM Lotus Domino 8.0.x before 8.0.2 FP5 and 8.5.x before 8.5.1 FP2 allows remote attackers to execute arbitrary code via a long e-mail address in an ORGANIZER:mailto header in an iCalendar calendar-invitation e-mail message, aka SPR NRBY7ZPJ9V. Desbordamiento de búfer basado en pila en la función MailCheck821Address en nnotes.dll en el servicio nrouter.exe en el servidor IBM Lotus Domino... • https://www.exploit-db.com/exploits/15005 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 2CVE-2010-0927
https://notcve.org/view.php?id=CVE-2010-0927
05 Mar 2010 — Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in the Help component in IBM Lotus Domino 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the BaseTarget parameter in an OpenPage action. NOTE: this may overlap CVE-2010-0920. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en help/readme.nsf/Header en the Help component en IBM Lotus Domino v7.x anteriores a v7.0.4 y v8.x anteriores a v8.0.2 permite a atacantes remoto... • http://www.cybsec.com/vuln/CYBSEC_Advisory_2010_0301_IBM_%20Lotus_Dominio_Readme_nsf_Reflected_XSS.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0CVE-2010-0918
https://notcve.org/view.php?id=CVE-2010-0918
03 Mar 2010 — Multiple unspecified vulnerabilities in the UltraLite functionality in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 have unknown impact and attack vectors. Múltiples vulnerabilidades no especificadas en la funcionalidad UltraLite en IBM Lotus iNotes (alias Domino Web Access o DWA) en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 tienen un impacto y unos vectores de ataque desconocidos. • http://www-01.ibm.com/support/docview.wss?uid=swg27018109 •
CVSS: 9.8EPSS: 21%CPEs: 31EXPL: 0CVE-2010-0919
https://notcve.org/view.php?id=CVE-2010-0919
03 Mar 2010 — Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ. Desbordamiento de búfer basado en pila en el control ActiveX Lotus Domino Web Access en IBM Lotus iNotes (alias Domino Web Access o DWA) 6.5, 7.0 en versiones anteriores a la 7.0.4, 8.0, 8.0.2 y ... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 24EXPL: 0CVE-2010-0920
https://notcve.org/view.php?id=CVE-2010-0920
03 Mar 2010 — Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes." Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en IBM Lotus iNotes (alias Domino Web Access o DWA) en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos inyectar secuencias de comandos web o ... • http://www-01.ibm.com/support/docview.wss?uid=swg27018109 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 24EXPL: 0CVE-2010-0921
https://notcve.org/view.php?id=CVE-2010-0921
03 Mar 2010 — Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes." Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en IBM Lotus iNotes (alias Domino Web Access o DWA) en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos secuestrar la ... • http://www-01.ibm.com/support/docview.wss?uid=swg27018109 • CWE-352: Cross-Site Request Forgery (CSRF) •