NotCVE - vendor:"Ibm" product:"Lotus Quickr"

23 results (0.007 seconds)

CVSS: 7.5EPSS: 20%CPEs: 1EXPL: 0

CVE-2013-6748 – IBM Lotus Quickr ActiveX Stack Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2013-6748

Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6749. Desbordamiento de buffer en el control ActiveX en qp2.cab en IBM Lotus Quickr para Domino 8.5.1 en versiones anteriores a 8.5.1.42-001b permite a atacantes remotos ejecutar código arbitrario a través de un documento HTML manipulado, una vulnerabilidad diferente a CVE-2013-6749. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Quickr for Domino. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within an ActiveX control included in QP2.dll. The specific flaw is a stack buffer overflow in a vulnerable function in the control. • http://osvdb.org/102597 http://secunia.com/advisories/56696 http://www.ibm.com/support/docview.wss?uid=swg21662653 http://www.securityfocus.com/bid/65191 https://exchange.xforce.ibmcloud.com/vulnerabilities/89864 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 20%CPEs: 1EXPL: 0

CVE-2013-6749 – IBM Lotus Quickr ActiveX Stack Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2013-6749

Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6748. Desbordamiento de buffer en el control ActiveX en qp2.cab en IBM Lotus Quickr para Domino 8.5.1 en versiones anteriores a 8.5.1.42-001b permite a atacantes remotos ejecutar código arbitrario a través de un documento HTML manipulado, una vulnerabilidad diferente a CVE-2013-6748. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Quickr for Domino. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within an ActiveX control included in QP2.dll. The specific flaw is a stack buffer overflow in a vulnerable function in the control. • http://osvdb.org/102598 http://secunia.com/advisories/56696 http://www.ibm.com/support/docview.wss?uid=swg21662653 http://www.securityfocus.com/bid/65193 https://exchange.xforce.ibmcloud.com/vulnerabilities/89865 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 29%CPEs: 3EXPL: 0

CVE-2013-3026 – IBM Quickr for Domino ActiveX Integer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2013-3026

Buffer overflow in the Lotus Quickr for Domino ActiveX control in qp2.cab in IBM Lotus Quickr 8.1 before FP 8.1.0.32-001a, 8.2 before FP 8.2.0.28-001a, and 8.5.1 before FP 8.5.1.39-002a for Domino allows remote attackers to execute arbitrary code via a crafted web site. Desbordamiento de búfer en el control ActiveX Lotus Quickr para Domino en qp2.cab IBM Lotus Quickr 8.1 anterior a FP 8.1.0.32-001a, 8.2 anterior a FP 8.2.0.28-001a, y 8.5.1 anterior a FP 8.5.1.39-002a para Domino, permite a atacantes remotos ejecutar código arbitrario a través de un sitio web manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Quickr for Domino. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of user provided input in an ActiveX control. An integer overflow exists which leads to a heap buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21639643 https://exchange.xforce.ibmcloud.com/vulnerabilities/84381 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 76%CPEs: 1EXPL: 1

CVE-2012-2176 – IBM Lotus Quickr QP2 ActiveX _Times Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2012-2176

Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argument to the (1) Attachment_Times or (2) Import_Times method. Múltiples desbordamientos de búfer en cierto ActiveX en qp2.cab en IBM Lotus Quickr v8.2 anterior a v8.2.0.27-002a para Domino permite a atacantes remotos ejecutar código arbitrario mediante un argumento largo para el método (1) Attachment_Times o (2) Import_Times. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Quickr. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the QP2.cab ActiveX control. When passing a long string argument to the Attachment_Times or Import_Times parameters during the control's instantiation it is possible to overflow a stack buffer causing memory corruption. • https://www.exploit-db.com/exploits/23737 http://www.ibm.com/support/docview.wss?uid=swg21596191 http://www.securityfocus.com/bid/53678 http://www.securitytracker.com/id?1027097 https://exchange.xforce.ibmcloud.com/vulnerabilities/75322 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2011-1505

https://notcve.org/view.php?id=CVE-2011-1505

Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2. Vulnerabilidad no especificada en IBM Lotus Quickr versión 8.1 anterior a 8.1.0.27 services para Lotus Domino tiene un impacto y vectores de ataque desconocidos. También conocido como SPR ESEO8DQME2. • http://secunia.com/advisories/43689 http://securitytracker.com/id?1025228 http://www-01.ibm.com/support/docview.wss?uid=swg27013341 http://www.ibm.com/support/docview.wss?uid=swg1LO58209 http://www.securityfocus.com/bid/46903 http://www.vupen.com/english/advisories/2011/0707 https://exchange.xforce.ibmcloud.com/vulnerabilities/66142 •

1 2 3 4 5