Vulnerability-Lookup - Search a vulnerability

cve-2013-4064

Vulnerability from cvelistv5

Published

2013-12-21 11:00

Modified

2024-08-06 16:30

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9ARMFA.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/86595	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21659959	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:49.904Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-inotes-cve20134064-xss(86595)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86595"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9ARMFA."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-inotes-cve20134064-xss(86595)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86595"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-4064",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9ARMFA."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-inotes-cve20134064-xss(86595)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86595"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-4064",
    "datePublished": "2013-12-21T11:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:49.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-4063

Vulnerability from cvelistv5

Published

2013-12-21 11:00

Modified

2024-08-06 16:30

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPRs PTHN9AQMV7 and TCLE98ZKRP.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21659959	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/86594	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:50.013Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
          },
          {
            "name": "ibm-inotes-cve20134063-xss(86594)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86594"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPRs PTHN9AQMV7 and TCLE98ZKRP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
        },
        {
          "name": "ibm-inotes-cve20134063-xss(86594)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86594"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-4063",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPRs PTHN9AQMV7 and TCLE98ZKRP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
            },
            {
              "name": "ibm-inotes-cve20134063-xss(86594)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86594"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-4063",
    "datePublished": "2013-12-21T11:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:50.013Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-0919

Vulnerability from cvelistv5

Published

2010-03-03 19:00

Modified

2024-08-07 01:06

Severity ?

Summary

Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/56555	vdb-entry, x_refsource_XF
	http://www.osvdb.org/62612	vdb-entry, x_refsource_OSVDB
	http://securitytracker.com/id?1023662	vdb-entry, x_refsource_SECTRACK
	http://www-01.ibm.com/support/docview.wss?uid=swg21421808	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/0496	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/38459	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/38755	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/38744	third-party-advisory, x_refsource_SECUNIA
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857	third-party-advisory, x_refsource_IDEFENSE
	http://www-01.ibm.com/support/docview.wss?uid=swg27018109	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/38457	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/38681	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/0495	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:06:52.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "inotes-activex-bo(56555)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
          },
          {
            "name": "62612",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/62612"
          },
          {
            "name": "1023662",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023662"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
          },
          {
            "name": "ADV-2010-0496",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0496"
          },
          {
            "name": "38459",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38459"
          },
          {
            "name": "38755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38755"
          },
          {
            "name": "38744",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38744"
          },
          {
            "name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
          },
          {
            "name": "38457",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38457"
          },
          {
            "name": "38681",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38681"
          },
          {
            "name": "ADV-2010-0495",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0495"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "inotes-activex-bo(56555)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
        },
        {
          "name": "62612",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/62612"
        },
        {
          "name": "1023662",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023662"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
        },
        {
          "name": "ADV-2010-0496",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0496"
        },
        {
          "name": "38459",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38459"
        },
        {
          "name": "38755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38755"
        },
        {
          "name": "38744",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38744"
        },
        {
          "name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
        },
        {
          "name": "38457",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38457"
        },
        {
          "name": "38681",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38681"
        },
        {
          "name": "ADV-2010-0495",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0495"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0919",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "inotes-activex-bo(56555)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
            },
            {
              "name": "62612",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/62612"
            },
            {
              "name": "1023662",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023662"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
            },
            {
              "name": "ADV-2010-0496",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0496"
            },
            {
              "name": "38459",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38459"
            },
            {
              "name": "38755",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38755"
            },
            {
              "name": "38744",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38744"
            },
            {
              "name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
            },
            {
              "name": "38457",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38457"
            },
            {
              "name": "38681",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38681"
            },
            {
              "name": "ADV-2010-0495",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0495"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0919",
    "datePublished": "2010-03-03T19:00:00",
    "dateReserved": "2010-03-03T00:00:00",
    "dateUpdated": "2024-08-07T01:06:52.455Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-2175

Vulnerability from cvelistv5

Published

2012-06-20 10:00

Modified

2024-08-06 19:26

Severity ?

Summary

Buffer overflow in the Attachment_Times method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long argument.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg21596862	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/75321	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:26:08.541Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21596862"
          },
          {
            "name": "lotusinotes-dwa85w-bo(75321)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75321"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-05-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the Attachment_Times method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long argument."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21596862"
        },
        {
          "name": "lotusinotes-dwa85w-bo(75321)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75321"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-2175",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the Attachment_Times method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long argument."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21596862",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21596862"
            },
            {
              "name": "lotusinotes-dwa85w-bo(75321)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75321"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-2175",
    "datePublished": "2012-06-20T10:00:00",
    "dateReserved": "2012-04-04T00:00:00",
    "dateUpdated": "2024-08-06T19:26:08.541Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-0274

Vulnerability from cvelistv5

Published

2010-01-09 18:00

Modified

2024-08-07 00:45

Severity ?

Summary

Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 has unknown impact and attack vectors, aka SPR LSHR7TBLY5.

References

▼	URL	Tags
	http://secunia.com/advisories/38026	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/0077	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/55470	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/37675	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg27017776	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:45:11.364Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38026",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38026"
          },
          {
            "name": "ADV-2010-0077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0077"
          },
          {
            "name": "domino-ultralight-unspecified(55470)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55470"
          },
          {
            "name": "37675",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37675"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 has unknown impact and attack vectors, aka SPR LSHR7TBLY5."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "38026",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38026"
        },
        {
          "name": "ADV-2010-0077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0077"
        },
        {
          "name": "domino-ultralight-unspecified(55470)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55470"
        },
        {
          "name": "37675",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37675"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0274",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 has unknown impact and attack vectors, aka SPR LSHR7TBLY5."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "38026",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38026"
            },
            {
              "name": "ADV-2010-0077",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0077"
            },
            {
              "name": "domino-ultralight-unspecified(55470)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55470"
            },
            {
              "name": "37675",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37675"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0274",
    "datePublished": "2010-01-09T18:00:00",
    "dateReserved": "2010-01-09T00:00:00",
    "dateUpdated": "2024-08-07T00:45:11.364Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-4594

Vulnerability from cvelistv5

Published

2010-01-09 18:00

Modified

2024-08-07 07:08

Severity ?

Summary

Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.131 for Domino 8.0.x has unknown impact and attack vectors, aka SPR SDOY7RHBNH.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/55548	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg27015942	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg27016085	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg27017776	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:08:38.087Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "domino-web-access-unspecified(55548)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55548"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27015942"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27016085"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-06-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.131 for Domino 8.0.x has unknown impact and attack vectors, aka SPR SDOY7RHBNH."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "domino-web-access-unspecified(55548)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55548"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27015942"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27016085"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4594",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.131 for Domino 8.0.x has unknown impact and attack vectors, aka SPR SDOY7RHBNH."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "domino-web-access-unspecified(55548)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55548"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27015942",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27015942"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27016085",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27016085"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4594",
    "datePublished": "2010-01-09T18:00:00",
    "dateReserved": "2010-01-09T00:00:00",
    "dateUpdated": "2024-08-07T07:08:38.087Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-4065

Vulnerability from cvelistv5

Published

2013-12-21 11:00

Modified

2024-08-06 16:30

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPR TCLE98ZKRP.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/86596	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21659959	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:49.922Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-inotes-cve20134065-xss(86596)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86596"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPR TCLE98ZKRP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-inotes-cve20134065-xss(86596)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86596"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-4065",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPR TCLE98ZKRP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-inotes-cve20134065-xss(86596)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86596"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-4065",
    "datePublished": "2013-12-21T11:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:49.922Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-0918

Vulnerability from cvelistv5

Published

2010-03-03 19:00

Modified

2024-08-07 01:06

Severity ?

Summary

Multiple unspecified vulnerabilities in the UltraLite functionality in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 have unknown impact and attack vectors.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/56557	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2010/0496	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/38459	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg27018109	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:06:52.586Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "inotes-ultralite-unspecified(56557)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56557"
          },
          {
            "name": "ADV-2010-0496",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0496"
          },
          {
            "name": "38459",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38459"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in the UltraLite functionality in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 have unknown impact and attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "inotes-ultralite-unspecified(56557)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56557"
        },
        {
          "name": "ADV-2010-0496",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0496"
        },
        {
          "name": "38459",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38459"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0918",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in the UltraLite functionality in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 have unknown impact and attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "inotes-ultralite-unspecified(56557)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56557"
            },
            {
              "name": "ADV-2010-0496",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0496"
            },
            {
              "name": "38459",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38459"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0918",
    "datePublished": "2010-03-03T19:00:00",
    "dateReserved": "2010-03-03T00:00:00",
    "dateUpdated": "2024-08-07T01:06:52.586Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0525

Vulnerability from cvelistv5

Published

2013-03-26 21:00

Modified

2024-08-06 14:33

Severity ?

Summary

Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/82542	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21628658	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:03.512Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "inotes-folder-xss(82542)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82542"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-03-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "inotes-folder-xss(82542)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82542"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-0525",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "inotes-folder-xss(82542)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82542"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-0525",
    "datePublished": "2013-03-26T21:00:00",
    "dateReserved": "2012-12-16T00:00:00",
    "dateUpdated": "2024-08-06T14:33:03.512Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0590

Vulnerability from cvelistv5

Published

2013-08-27 01:00

Modified

2024-08-06 14:33

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0591.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21647740	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/83814	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:05.210Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
          },
          {
            "name": "inotes-cve20130590-xss(83814)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83814"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0591."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
        },
        {
          "name": "inotes-cve20130590-xss(83814)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83814"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-0590",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0591."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
            },
            {
              "name": "inotes-cve20130590-xss(83814)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83814"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-0590",
    "datePublished": "2013-08-27T01:00:00",
    "dateReserved": "2012-12-16T00:00:00",
    "dateUpdated": "2024-08-06T14:33:05.210Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-5943

Vulnerability from cvelistv5

Published

2013-03-26 21:00

Modified

2024-08-06 21:21

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in IBM iNotes 8.5.x before 8.5.3 FP4 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving mail, aka SPR JDOE8ZZS9.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/80538	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21628658	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:21:27.863Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "inotes-mail-xss(80538)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80538"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-03-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in IBM iNotes 8.5.x before 8.5.3 FP4 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving mail, aka SPR JDOE8ZZS9."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "inotes-mail-xss(80538)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80538"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-5943",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in IBM iNotes 8.5.x before 8.5.3 FP4 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving mail, aka SPR JDOE8ZZS9."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "inotes-mail-xss(80538)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80538"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-5943",
    "datePublished": "2013-03-26T21:00:00",
    "dateReserved": "2012-11-21T00:00:00",
    "dateUpdated": "2024-08-06T21:21:27.863Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-4068

Vulnerability from cvelistv5

Published

2013-09-20 15:00

Modified

2024-08-06 16:30

Severity ?

Summary

Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21650034	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/86599	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21649476	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21650146	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:49.987Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650034"
          },
          {
            "name": "ibm-inotes-cve20134068-bo(86599)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86599"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21649476"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650146"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-09-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650034"
        },
        {
          "name": "ibm-inotes-cve20134068-bo(86599)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86599"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21649476"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650146"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-4068",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21650034",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650034"
            },
            {
              "name": "ibm-inotes-cve20134068-bo(86599)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86599"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21649476",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21649476"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21650146",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650146"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-4068",
    "datePublished": "2013-09-20T15:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:49.987Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-0920

Vulnerability from cvelistv5

Published

2010-03-03 19:00

Modified

2024-09-16 22:56

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."

References

▼	URL	Tags
	http://www.vupen.com/english/advisories/2010/0496	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/38459	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg27018109	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:06:52.454Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2010-0496",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0496"
          },
          {
            "name": "38459",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38459"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of \"XSS/CSRF Get Filter and Referer Check fixes.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-03-03T19:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2010-0496",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0496"
        },
        {
          "name": "38459",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38459"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0920",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of \"XSS/CSRF Get Filter and Referer Check fixes.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2010-0496",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0496"
            },
            {
              "name": "38459",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38459"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0920",
    "datePublished": "2010-03-03T19:00:00Z",
    "dateReserved": "2010-03-03T00:00:00Z",
    "dateUpdated": "2024-09-16T22:56:05.008Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-0921

Vulnerability from cvelistv5

Published

2010-03-03 19:00

Modified

2024-08-07 01:06

Severity ?

Summary

Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."

References

▼	URL	Tags
	http://www.vupen.com/english/advisories/2010/0496	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/38459	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg27018109	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/56556	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:06:52.236Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2010-0496",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0496"
          },
          {
            "name": "38459",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38459"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
          },
          {
            "name": "inotes-getfilter-csrf(56556)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56556"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of \"XSS/CSRF Get Filter and Referer Check fixes.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2010-0496",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0496"
        },
        {
          "name": "38459",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38459"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
        },
        {
          "name": "inotes-getfilter-csrf(56556)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56556"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0921",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of \"XSS/CSRF Get Filter and Referer Check fixes.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2010-0496",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0496"
            },
            {
              "name": "38459",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38459"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
            },
            {
              "name": "inotes-getfilter-csrf(56556)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56556"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0921",
    "datePublished": "2010-03-03T19:00:00",
    "dateReserved": "2010-03-03T00:00:00",
    "dateUpdated": "2024-08-07T01:06:52.236Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0536

Vulnerability from cvelistv5

Published

2013-06-21 17:00

Modified

2024-08-06 14:33

Severity ?

Summary

ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/82658	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21633827	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:05.247Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "notes-cve20130536-code-exec(82658)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82658"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-06-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "notes-cve20130536-code-exec(82658)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82658"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-0536",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "notes-cve20130536-code-exec(82658)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82658"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-0536",
    "datePublished": "2013-06-21T17:00:00",
    "dateReserved": "2012-12-16T00:00:00",
    "dateUpdated": "2024-08-06T14:33:05.247Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0591

Vulnerability from cvelistv5

Published

2013-08-27 01:00

Modified

2024-08-06 14:33

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0590.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21647740	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/83381	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:05.590Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
          },
          {
            "name": "inotes-cve20130591-xss(83381)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83381"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0590."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
        },
        {
          "name": "inotes-cve20130591-xss(83381)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83381"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-0591",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0590."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
            },
            {
              "name": "inotes-cve20130591-xss(83381)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83381"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-0591",
    "datePublished": "2013-08-27T01:00:00",
    "dateReserved": "2012-12-16T00:00:00",
    "dateUpdated": "2024-08-06T14:33:05.590Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-0913

Vulnerability from cvelistv5

Published

2014-05-09 01:00

Modified

2024-08-06 09:27

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka SPR BFEY9GXHZE.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1030215	vdb-entry, x_refsource_SECTRACK
	http://www-01.ibm.com/support/docview.wss?uid=swg21671981	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/91880	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:27:20.341Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1030215",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030215"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671981"
          },
          {
            "name": "ibm-inotes-cve20140913-xss(91880)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91880"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka SPR BFEY9GXHZE."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "1030215",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030215"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671981"
        },
        {
          "name": "ibm-inotes-cve20140913-xss(91880)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91880"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-0913",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka SPR BFEY9GXHZE."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1030215",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030215"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21671981",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671981"
            },
            {
              "name": "ibm-inotes-cve20140913-xss(91880)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91880"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-0913",
    "datePublished": "2014-05-09T01:00:00",
    "dateReserved": "2014-01-06T00:00:00",
    "dateUpdated": "2024-08-06T09:27:20.341Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-0282

Vulnerability from cvelistv5

Published

2016-11-24 19:41

Modified

2024-08-05 22:15

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 FP6 IF2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYHAAHNUS.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21991722	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1037383	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/94558	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:15:23.143Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991722"
          },
          {
            "name": "1037383",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037383"
          },
          {
            "name": "94558",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94558"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-10-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 FP6 IF2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYHAAHNUS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-27T09:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991722"
        },
        {
          "name": "1037383",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037383"
        },
        {
          "name": "94558",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94558"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2016-0282",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 FP6 IF2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYHAAHNUS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21991722",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991722"
            },
            {
              "name": "1037383",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037383"
            },
            {
              "name": "94558",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94558"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2016-0282",
    "datePublished": "2016-11-24T19:41:00",
    "dateReserved": "2015-12-08T00:00:00",
    "dateUpdated": "2024-08-05T22:15:23.143Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-0275

Vulnerability from cvelistv5

Published

2010-01-09 18:00

Modified

2024-08-07 00:45

Severity ?

Summary

Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58.

References

▼	URL	Tags
	http://secunia.com/advisories/38026	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/0077	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/55471	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/37675	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg27017776	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:45:11.763Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38026",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38026"
          },
          {
            "name": "ADV-2010-0077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0077"
          },
          {
            "name": "domino-script-command-unspecified(55471)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55471"
          },
          {
            "name": "37675",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37675"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "38026",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38026"
        },
        {
          "name": "ADV-2010-0077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0077"
        },
        {
          "name": "domino-script-command-unspecified(55471)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55471"
        },
        {
          "name": "37675",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37675"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0275",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "38026",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38026"
            },
            {
              "name": "ADV-2010-0077",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0077"
            },
            {
              "name": "domino-script-command-unspecified(55471)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55471"
            },
            {
              "name": "37675",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37675"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0275",
    "datePublished": "2010-01-09T18:00:00",
    "dateReserved": "2010-01-09T00:00:00",
    "dateUpdated": "2024-08-07T00:45:11.763Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0595

Vulnerability from cvelistv5

Published

2013-08-27 01:00

Modified

2024-08-06 14:33

Severity ?

Summary

Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21647740	x_refsource_CONFIRM
	https://www-01.ibm.com/support/docview.wss?uid=swg21671622	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/83431	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:05.227Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
          },
          {
            "name": "inotes-cve20130595-xss(83431)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83431"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-08-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-11T15:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
        },
        {
          "name": "inotes-cve20130595-xss(83431)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83431"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-0595",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
            },
            {
              "name": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622",
              "refsource": "CONFIRM",
              "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
            },
            {
              "name": "inotes-cve20130595-xss(83431)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83431"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-0595",
    "datePublished": "2013-08-27T01:00:00",
    "dateReserved": "2012-12-16T00:00:00",
    "dateUpdated": "2024-08-06T14:33:05.227Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-0276

Vulnerability from cvelistv5

Published

2010-01-09 18:00

Modified

2024-08-07 00:45

Severity ?

Summary

IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the "Try Lotus iNotes anyway" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU.

References

▼	URL	Tags
	http://secunia.com/advisories/38026	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/55473	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2010/0077	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/37675	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg27017776	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:45:11.421Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38026",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38026"
          },
          {
            "name": "domino-trylotus-unspecified(55473)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473"
          },
          {
            "name": "ADV-2010-0077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0077"
          },
          {
            "name": "37675",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37675"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the \"Try Lotus iNotes anyway\" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "38026",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38026"
        },
        {
          "name": "domino-trylotus-unspecified(55473)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473"
        },
        {
          "name": "ADV-2010-0077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0077"
        },
        {
          "name": "37675",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37675"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0276",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the \"Try Lotus iNotes anyway\" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "38026",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38026"
            },
            {
              "name": "domino-trylotus-unspecified(55473)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473"
            },
            {
              "name": "ADV-2010-0077",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0077"
            },
            {
              "name": "37675",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37675"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0276",
    "datePublished": "2010-01-09T18:00:00",
    "dateReserved": "2010-01-09T00:00:00",
    "dateUpdated": "2024-08-07T00:45:11.421Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd

Published

2010-01-09 18:30

Modified

2024-11-21 01:10

Severity ?

Summary

Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.131 for Domino 8.0.x has unknown impact and attack vectors, aka SPR SDOY7RHBNH.

References

URL	Tags
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27015942	Patch
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27016085	Patch
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27017776	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/55548
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27015942	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27016085	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27017776	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/55548

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	*
ibm	lotus_inotes	229.011
ibm	lotus_inotes	229.021
ibm	lotus_inotes	229.031
ibm	lotus_inotes	229.041
ibm	lotus_inotes	229.051
ibm	lotus_inotes	229.061
ibm	lotus_inotes	229.101
ibm	lotus_domino	8.0.1
ibm	lotus_domino	8.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E0245DD-72A1-4B71-9B0C-CD339FBA2EE5",
              "versionEndIncluding": "229.111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*",
              "matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*",
              "matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*",
              "matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.131 for Domino 8.0.x has unknown impact and attack vectors, aka SPR SDOY7RHBNH."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en IBM Lotus iNotes (tambi\u00e9n conocido como Domino Web Access o DWA) anterior a v229.131 para Domino v8.0.x tiene un impacto y vectores de ataque desconocidos, tambi\u00e9n conocido como SPR SDOY7RHBNH."
    }
  ],
  "id": "CVE-2009-4594",
  "lastModified": "2024-11-21T01:10:00.327",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-01-09T18:30:01.637",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27015942"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27016085"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27015942"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27016085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55548"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-08-27 03:34

Modified

2024-11-21 01:47

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0590.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21647740	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/83381
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21647740	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/83381

Impacted products

Vendor	Product	Version
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_domino	8.5.3.3
ibm	lotus_domino	8.5.3.4
ibm	lotus_inotes	8.5.0.0
ibm	lotus_inotes	8.5.1.0
ibm	lotus_inotes	8.5.2.0
ibm	lotus_inotes	8.5.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1A8676-B2CA-49FF-A43E-EAC62170BF82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ADC0C5-36E9-426E-B302-56804B1800BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF04F0F8-E2AC-4080-91CE-E871CF32FBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA02A70-D433-4AEB-B7CD-77744E52D280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA621B45-7747-491D-A983-DD125BEE2753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0590."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad Cross-site scripting (XSS) en iNotes v8.5.x en IBM Lotus Domino v8.5 anterior a v8.5.3 FP5, permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como  SPR PTHN95XNR3, una vulnerabilidad diferente a CVE-2013-0590."
    }
  ],
  "id": "CVE-2013-0591",
  "lastModified": "2024-11-21T01:47:49.027",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-08-27T03:34:34.993",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83381"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83381"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-09-20 15:26

Modified

2024-11-21 01:54

Severity ?

Summary

Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21649476	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21650034	Patch
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21650146	Patch
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/86599
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21649476	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21650034	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21650146	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/86599

Impacted products

Vendor	Product	Version
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_domino	8.5.3.3
ibm	lotus_domino	8.5.3.4
ibm	lotus_domino	9.0.0.0
ibm	lotus_inotes	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1A8676-B2CA-49FF-A43E-EAC62170BF82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ADC0C5-36E9-426E-B302-56804B1800BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7025B610-6988-4A78-B0ED-6FB728AA6C28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADBAA800-3F74-45C5-AE58-EF76A35186D0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer en iNotes en IBM Domino 8.5.3  anterior a FP5 IF1 y 9.0 anterior a IF4  permite a los usuarios remotos autenticados ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como SPR PTHN9ADPA8."
    }
  ],
  "id": "CVE-2013-4068",
  "lastModified": "2024-11-21T01:54:49.360",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-09-20T15:26:03.857",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21649476"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650034"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650146"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21649476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650146"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86599"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-08-27 03:34

Modified

2024-11-21 01:47

Severity ?

Summary

Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21647740	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/83431
psirt@us.ibm.com	https://www-01.ibm.com/support/docview.wss?uid=swg21671622
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21647740	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/83431
af854a3a-2127-422b-91ae-364da2661108	https://www-01.ibm.com/support/docview.wss?uid=swg21671622

Impacted products

Vendor	Product	Version
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_domino	8.5.3.3
ibm	lotus_domino	8.5.3.4
ibm	lotus_inotes	8.5.0.0
ibm	lotus_inotes	8.5.1.0
ibm	lotus_inotes	8.5.2.0
ibm	lotus_inotes	8.5.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1A8676-B2CA-49FF-A43E-EAC62170BF82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ADC0C5-36E9-426E-B302-56804B1800BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF04F0F8-E2AC-4080-91CE-E871CF32FBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA02A70-D433-4AEB-B7CD-77744E52D280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA621B45-7747-491D-A983-DD125BEE2753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de cross-site scripting (XSS) en  iNotes v8.5.x en IBM Lotus Domino v8.5 anterior a v8.5.3 FP5, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como SPR PTHN95XNR3."
    }
  ],
  "id": "CVE-2013-0595",
  "lastModified": "2024-11-21T01:47:49.497",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-08-27T03:34:35.040",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83431"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83431"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21671622"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2012-06-20 10:27

Modified

2024-11-21 01:38

Severity ?

Summary

Buffer overflow in the Attachment_Times method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long argument.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg21596862	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/75321
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21596862	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/75321

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	8.5.0.0
ibm	lotus_inotes	8.5.0.1
ibm	lotus_inotes	8.5.1.0
ibm	lotus_inotes	8.5.1.1
ibm	lotus_inotes	8.5.1.2
ibm	lotus_inotes	8.5.1.3
ibm	lotus_inotes	8.5.1.4
ibm	lotus_inotes	8.5.1.5
ibm	lotus_inotes	8.5.2.0
ibm	lotus_inotes	8.5.2.1
ibm	lotus_inotes	8.5.2.2
ibm	lotus_inotes	8.5.2.3
ibm	lotus_inotes	8.5.3.0
ibm	lotus_inotes	8.5.3.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF04F0F8-E2AC-4080-91CE-E871CF32FBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8865EB47-3C1B-485B-94CA-852F1C40FDE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA02A70-D433-4AEB-B7CD-77744E52D280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F5294B-DAEF-4450-81C1-AEB951364336",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF658AD-31D5-4A88-920E-98B722D48355",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C029E446-2BBA-491D-9AA0-D83A3879CCBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "618F1C0E-8E43-4D63-A497-9FFEE4E3A90D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53A4CC23-6053-40FC-BFC8-08FAA9F0AE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA621B45-7747-491D-A983-DD125BEE2753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA57E455-B3CB-4F53-854B-21D8DFB95ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "96E0153C-BDC4-4D01-A292-AD97A5C168EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4ED4C08-82E5-4165-A585-E23E23015609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F088F719-F4BE-4B49-B022-96D43664155B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the Attachment_Times method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long argument."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en el m\u00e9todo Attachment_Times en un determinado control ActiveX en dwa85W.dll en IBM Lotus iNotes v8.5.x antes de v8.5.3 FP2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un argumento excesivamente largo."
    }
  ],
  "id": "CVE-2012-2175",
  "lastModified": "2024-11-21T01:38:39.110",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-06-20T10:27:28.397",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21596862"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75321"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21596862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75321"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-03-03 19:30

Modified

2024-11-21 01:13

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."

References

URL	Tags
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27018109	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/38459
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0496	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27018109	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38459
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0496	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	*
ibm	lotus_inotes	229.011
ibm	lotus_inotes	229.021
ibm	lotus_inotes	229.031
ibm	lotus_inotes	229.041
ibm	lotus_inotes	229.051
ibm	lotus_inotes	229.061
ibm	lotus_inotes	229.101
ibm	lotus_inotes	229.111
ibm	lotus_inotes	229.131
ibm	lotus_inotes	229.141
ibm	lotus_inotes	229.151
ibm	lotus_inotes	229.161
ibm	lotus_inotes	229.171
ibm	lotus_inotes	229.181
ibm	lotus_inotes	229.191
ibm	lotus_inotes	229.201
ibm	lotus_inotes	229.211
ibm	lotus_inotes	229.221
ibm	lotus_inotes	229.231
ibm	lotus_inotes	229.241
ibm	lotus_inotes	229.251
ibm	lotus_inotes	229.261
ibm	lotus_domino	8.0.2.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA92AB06-5510-4109-AE3A-75834E5F8A00",
              "versionEndIncluding": "229.271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*",
              "matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*",
              "matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*",
              "matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8C8052-8980-4265-929B-E27B6A914B4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6C0F89-47E6-4895-909D-6AF8DBFE2477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*",
              "matchCriteriaId": "590EBAF8-04A9-4DAD-9FCF-B1B38FF03374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*",
              "matchCriteriaId": "717F7305-98E1-403D-B08A-6FE1FD83D2C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CC9488A-F368-498E-8CDE-2ADC6AED470B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2F8C056-91A2-410B-942A-E108B93AD1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*",
              "matchCriteriaId": "805C7074-679E-4F11-A055-8C52B4E26F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*",
              "matchCriteriaId": "840A1975-0C5B-44F0-9F2E-1BBE02AA0484",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A29245-F9DA-4F77-91EE-21C1FA3CE784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*",
              "matchCriteriaId": "B55ED49B-092B-411B-84AE-847770EE096B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*",
              "matchCriteriaId": "483C2E2D-424C-453B-9D51-F53C6B32178B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*",
              "matchCriteriaId": "4348F385-9AE1-4F8C-9F22-BE50FCA3710B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of \"XSS/CSRF Get Filter and Referer Check fixes.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en IBM Lotus iNotes (alias Domino Web Access o DWA) en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante vectores relacionado con la falta de \"XSS/CSRF Get Filter and Referer Check fixes.\""
    }
  ],
  "id": "CVE-2010-0920",
  "lastModified": "2024-11-21T01:13:12.800",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-03-03T19:30:00.790",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/38459"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0496"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38459"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0496"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-03-03 19:30

Modified

2024-11-21 01:13

Severity ?

Summary

Multiple unspecified vulnerabilities in the UltraLite functionality in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 have unknown impact and attack vectors.

References

URL	Tags
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27018109
cve@mitre.org	http://www.securityfocus.com/bid/38459
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0496	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/56557
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27018109
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38459
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0496	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/56557

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	*
ibm	lotus_inotes	229.011
ibm	lotus_inotes	229.021
ibm	lotus_inotes	229.031
ibm	lotus_inotes	229.041
ibm	lotus_inotes	229.051
ibm	lotus_inotes	229.061
ibm	lotus_inotes	229.101
ibm	lotus_inotes	229.111
ibm	lotus_inotes	229.131
ibm	lotus_inotes	229.141
ibm	lotus_inotes	229.151
ibm	lotus_inotes	229.161
ibm	lotus_inotes	229.171
ibm	lotus_inotes	229.181
ibm	lotus_inotes	229.191
ibm	lotus_inotes	229.201
ibm	lotus_inotes	229.211
ibm	lotus_inotes	229.221
ibm	lotus_inotes	229.231
ibm	lotus_inotes	229.241
ibm	lotus_inotes	229.251
ibm	lotus_inotes	229.261
ibm	lotus_domino	8.0.2.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA92AB06-5510-4109-AE3A-75834E5F8A00",
              "versionEndIncluding": "229.271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*",
              "matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*",
              "matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*",
              "matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8C8052-8980-4265-929B-E27B6A914B4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6C0F89-47E6-4895-909D-6AF8DBFE2477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*",
              "matchCriteriaId": "590EBAF8-04A9-4DAD-9FCF-B1B38FF03374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*",
              "matchCriteriaId": "717F7305-98E1-403D-B08A-6FE1FD83D2C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CC9488A-F368-498E-8CDE-2ADC6AED470B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2F8C056-91A2-410B-942A-E108B93AD1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*",
              "matchCriteriaId": "805C7074-679E-4F11-A055-8C52B4E26F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*",
              "matchCriteriaId": "840A1975-0C5B-44F0-9F2E-1BBE02AA0484",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A29245-F9DA-4F77-91EE-21C1FA3CE784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*",
              "matchCriteriaId": "B55ED49B-092B-411B-84AE-847770EE096B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*",
              "matchCriteriaId": "483C2E2D-424C-453B-9D51-F53C6B32178B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*",
              "matchCriteriaId": "4348F385-9AE1-4F8C-9F22-BE50FCA3710B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in the UltraLite functionality in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 have unknown impact and attack vectors."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades no especificadas en la funcionalidad UltraLite en IBM Lotus iNotes (alias Domino Web Access o DWA) en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 tienen un impacto y unos vectores de ataque desconocidos."
    }
  ],
  "id": "CVE-2010-0918",
  "lastModified": "2024-11-21T01:13:12.523",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-03-03T19:30:00.710",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/38459"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0496"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56557"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38459"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0496"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56557"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-03-26 21:55

Modified

2024-11-21 01:45

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in IBM iNotes 8.5.x before 8.5.3 FP4 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving mail, aka SPR JDOE8ZZS9.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21628658	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/80538
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21628658	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/80538

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	8.5.0.0
ibm	lotus_inotes	8.5.0.1
ibm	lotus_inotes	8.5.1.0
ibm	lotus_inotes	8.5.1.1
ibm	lotus_inotes	8.5.1.2
ibm	lotus_inotes	8.5.1.3
ibm	lotus_inotes	8.5.1.4
ibm	lotus_inotes	8.5.1.5
ibm	lotus_inotes	8.5.2.0
ibm	lotus_inotes	8.5.2.1
ibm	lotus_inotes	8.5.2.2
ibm	lotus_inotes	8.5.2.3
ibm	lotus_inotes	8.5.3.0
ibm	lotus_inotes	8.5.3.1
ibm	lotus_inotes	8.5.3.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF04F0F8-E2AC-4080-91CE-E871CF32FBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8865EB47-3C1B-485B-94CA-852F1C40FDE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA02A70-D433-4AEB-B7CD-77744E52D280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F5294B-DAEF-4450-81C1-AEB951364336",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF658AD-31D5-4A88-920E-98B722D48355",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C029E446-2BBA-491D-9AA0-D83A3879CCBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "618F1C0E-8E43-4D63-A497-9FFEE4E3A90D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53A4CC23-6053-40FC-BFC8-08FAA9F0AE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA621B45-7747-491D-A983-DD125BEE2753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA57E455-B3CB-4F53-854B-21D8DFB95ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "96E0153C-BDC4-4D01-A292-AD97A5C168EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4ED4C08-82E5-4165-A585-E23E23015609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F088F719-F4BE-4B49-B022-96D43664155B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7F797B7-C3EA-4A12-8D69-217FBD4B9EB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in IBM iNotes 8.5.x before 8.5.3 FP4 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving mail, aka SPR JDOE8ZZS9."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en IBM iNotes v8.5.x anterior a v8.5.3 FP4 que permite usuarios asistidos remotos  inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores implicando el correo, tambi\u00e9n conocido SPR JDOE8ZZS9."
    }
  ],
  "id": "CVE-2012-5943",
  "lastModified": "2024-11-21T01:45:34.010",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-03-26T21:55:01.003",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80538"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80538"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-03-03 19:30

Modified

2024-11-21 01:13

Severity ?

Summary

Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."

References

URL	Tags
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27018109
cve@mitre.org	http://www.securityfocus.com/bid/38459
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0496	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/56556
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27018109
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38459
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0496	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/56556

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	*
ibm	lotus_inotes	229.011
ibm	lotus_inotes	229.021
ibm	lotus_inotes	229.031
ibm	lotus_inotes	229.041
ibm	lotus_inotes	229.051
ibm	lotus_inotes	229.061
ibm	lotus_inotes	229.101
ibm	lotus_inotes	229.111
ibm	lotus_inotes	229.131
ibm	lotus_inotes	229.141
ibm	lotus_inotes	229.151
ibm	lotus_inotes	229.161
ibm	lotus_inotes	229.171
ibm	lotus_inotes	229.181
ibm	lotus_inotes	229.191
ibm	lotus_inotes	229.201
ibm	lotus_inotes	229.211
ibm	lotus_inotes	229.221
ibm	lotus_inotes	229.231
ibm	lotus_inotes	229.241
ibm	lotus_inotes	229.251
ibm	lotus_inotes	229.261
ibm	lotus_domino	8.0.2.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA92AB06-5510-4109-AE3A-75834E5F8A00",
              "versionEndIncluding": "229.271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*",
              "matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*",
              "matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*",
              "matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8C8052-8980-4265-929B-E27B6A914B4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6C0F89-47E6-4895-909D-6AF8DBFE2477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*",
              "matchCriteriaId": "590EBAF8-04A9-4DAD-9FCF-B1B38FF03374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*",
              "matchCriteriaId": "717F7305-98E1-403D-B08A-6FE1FD83D2C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CC9488A-F368-498E-8CDE-2ADC6AED470B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2F8C056-91A2-410B-942A-E108B93AD1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*",
              "matchCriteriaId": "805C7074-679E-4F11-A055-8C52B4E26F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*",
              "matchCriteriaId": "840A1975-0C5B-44F0-9F2E-1BBE02AA0484",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A29245-F9DA-4F77-91EE-21C1FA3CE784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*",
              "matchCriteriaId": "B55ED49B-092B-411B-84AE-847770EE096B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*",
              "matchCriteriaId": "483C2E2D-424C-453B-9D51-F53C6B32178B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*",
              "matchCriteriaId": "4348F385-9AE1-4F8C-9F22-BE50FCA3710B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of \"XSS/CSRF Get Filter and Referer Check fixes.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en IBM Lotus iNotes (alias Domino Web Access o DWA) en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos secuestrar la autenticaci\u00f3n de vict\u00edmas al azar mediante vectores relacionados con la falta de \"XSS/CSRF Get Filter and Referer Check fixes.\""
    }
  ],
  "id": "CVE-2010-0921",
  "lastModified": "2024-11-21T01:13:12.933",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-03-03T19:30:00.820",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/38459"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0496"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56556"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38459"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0496"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56556"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-01-09 18:30

Modified

2024-11-21 01:11

Severity ?

Summary

IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the "Try Lotus iNotes anyway" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/38026	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27017776
cve@mitre.org	http://www.securityfocus.com/bid/37675
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0077	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/55473
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38026	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27017776
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/37675
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0077	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/55473

Impacted products

Vendor	Product	Version
ibm	domino_web_access	*
ibm	lotus_inotes	*
ibm	lotus_domino	8.0.2.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D53FB16-F441-48A4-A685-48257107EAC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52A641CD-F146-4732-8C4A-8DF6C230EE8F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the \"Try Lotus iNotes anyway\" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU."
    },
    {
      "lang": "es",
      "value": "IBM Lotus iNotes (tambi\u00e9n conocido como Domino Web Access o DWA) anterior a v229.241 para Domino v8.0.2 FP3 no maneja adecuadamente la navegaci\u00f3n del \"Try Lotus iNotes anyway\" enlace desde la p\u00e1gina que informa del uso de un navegador no soportado, tiene u impacto y vectores de ataque sin especificar, tambi\u00e9n conocido como SPR LSHR7TBMQU."
    }
  ],
  "id": "CVE-2010-0276",
  "lastModified": "2024-11-21T01:11:53.360",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-01-09T18:30:01.947",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38026"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37675"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0077"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-12-21 14:22

Modified

2024-11-21 01:54

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9ARMFA.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21659959	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/86595
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21659959	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/86595

Impacted products

Vendor	Product	Version
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_domino	8.5.3.3
ibm	lotus_domino	8.5.3.4
ibm	lotus_domino	8.5.3.5
ibm	lotus_domino	9.0.0.0
ibm	lotus_inotes	8.5.3.0
ibm	lotus_inotes	8.5.3.1
ibm	lotus_inotes	8.5.3.2
ibm	lotus_inotes	8.5.3.3
ibm	lotus_inotes	8.5.3.4
ibm	lotus_inotes	8.5.3.5
ibm	lotus_inotes	9.0.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1A8676-B2CA-49FF-A43E-EAC62170BF82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ADC0C5-36E9-426E-B302-56804B1800BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "24863689-9472-4C56-B3A8-3053494437C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7025B610-6988-4A78-B0ED-6FB728AA6C28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F088F719-F4BE-4B49-B022-96D43664155B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7F797B7-C3EA-4A12-8D69-217FBD4B9EB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCA4DA1-302C-42AD-9317-DC733A17696B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B102407C-3CCE-45A5-A3A2-9C24D5F4866A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "577AA3FA-31BA-429C-8CE6-B3776F5CF857",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B79C2F-8633-47A2-ADB5-FEB0EEB10B90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9ARMFA."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad cross-site scripting (XSS) en iNotes de IBM Domino 8.5.x anteriores a 8.5.3 FP6 y 9.0.x anteriores a 9.0.1, cuando el modo ultra-light est\u00e1 activado, permite a usuarios remotos autenticados inyectar script web o HTML a trav\u00e9s de vectores no especificados, tambien conocido como SPR PTHN9ARMFA."
    }
  ],
  "id": "CVE-2013-4064",
  "lastModified": "2024-11-21T01:54:48.880",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-12-21T14:22:56.753",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86595"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86595"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-05-09 01:55

Modified

2024-11-21 02:03

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka SPR BFEY9GXHZE.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21671981	Vendor Advisory
psirt@us.ibm.com	http://www.securitytracker.com/id/1030215
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/91880
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21671981	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1030215
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/91880

Impacted products

Vendor	Product	Version
ibm	lotus_domino	8.5.3.6
ibm	lotus_domino	9.0.1.0
ibm	lotus_inotes	8.5.3.6
ibm	lotus_inotes	9.0.1.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B19F27-E6EE-41AA-937D-173E592A9278",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:9.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3B3D5F-EB63-4ABA-8A27-BD654422DA54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A01616C-AEEB-40A0-AB35-0F615ADF8ADC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:9.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4CF22B5-8931-49F4-A73E-7F425FBAAE30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in IBM iNotes and Domino 8.5.3 FP6 before IF2 and 9.0.1 before FP1 allows remote attackers to inject arbitrary web script or HTML via an e-mail message, aka SPR BFEY9GXHZE."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de XSS en IBM iNotes y Domino 8.5.3 FP6 anterior a IF2 y 9.0.1 anterior a FP1 permite a atacantes remotos inyectar secuencias de comandos web y HTML arbitrarios a trav\u00e9s de un mensaje de e-mail, tambi\u00e9n conocido como SPR BFEY9GXHZE."
    }
  ],
  "id": "CVE-2014-0913",
  "lastModified": "2024-11-21T02:03:01.853",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-05-09T01:55:02.713",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671981"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id/1030215"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91880"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21671981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030215"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91880"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-03-03 19:30

Modified

2024-11-21 01:13

Severity ?

Summary

Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857
cve@mitre.org	http://secunia.com/advisories/38681	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/38744	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/38755	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1023662
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21421808	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27018109	Vendor Advisory
cve@mitre.org	http://www.osvdb.org/62612
cve@mitre.org	http://www.securityfocus.com/bid/38457
cve@mitre.org	http://www.securityfocus.com/bid/38459
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0495	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0496	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/56555
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38681	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38744	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38755	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1023662
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21421808	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27018109	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/62612
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38457
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38459
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0495	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0496	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/56555

Impacted products

Vendor	Product	Version
ibm	domino_web_access	6.5
ibm	domino_web_access	7.0
ibm	domino_web_access	7.0.1
ibm	domino_web_access	7.0.2
ibm	domino_web_access	7.0.3
ibm	domino_web_access	8.0
ibm	domino_web_access	8.0.2
ibm	lotus_inotes	*
ibm	lotus_inotes	229.011
ibm	lotus_inotes	229.021
ibm	lotus_inotes	229.031
ibm	lotus_inotes	229.041
ibm	lotus_inotes	229.051
ibm	lotus_inotes	229.061
ibm	lotus_inotes	229.101
ibm	lotus_inotes	229.111
ibm	lotus_inotes	229.131
ibm	lotus_inotes	229.141
ibm	lotus_inotes	229.151
ibm	lotus_inotes	229.161
ibm	lotus_inotes	229.171
ibm	lotus_inotes	229.181
ibm	lotus_inotes	229.191
ibm	lotus_inotes	229.201
ibm	lotus_inotes	229.211
ibm	lotus_inotes	229.221
ibm	lotus_inotes	229.231
ibm	lotus_inotes	229.241
ibm	lotus_inotes	229.251
ibm	lotus_inotes	229.261
ibm	lotus_domino	8.0.2.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "220211F3-8AF4-419E-BB10-0E954F002DFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4854AD77-45A0-45AB-B9DA-77FFB7531C5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A823BB-48B7-4F84-A01A-754987FDBD00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B653AE06-0056-45AA-B321-391EE70532B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D5C812F-4B1E-42A1-A478-978DF925D22D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "723845C5-91E1-4BED-B41F-9E0A0DB629D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDDCE5E6-F37D-4D1B-B863-E8FE8ABA79E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA92AB06-5510-4109-AE3A-75834E5F8A00",
              "versionEndIncluding": "229.271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*",
              "matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*",
              "matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*",
              "matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8C8052-8980-4265-929B-E27B6A914B4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6C0F89-47E6-4895-909D-6AF8DBFE2477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*",
              "matchCriteriaId": "590EBAF8-04A9-4DAD-9FCF-B1B38FF03374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*",
              "matchCriteriaId": "717F7305-98E1-403D-B08A-6FE1FD83D2C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CC9488A-F368-498E-8CDE-2ADC6AED470B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2F8C056-91A2-410B-942A-E108B93AD1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*",
              "matchCriteriaId": "805C7074-679E-4F11-A055-8C52B4E26F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*",
              "matchCriteriaId": "840A1975-0C5B-44F0-9F2E-1BBE02AA0484",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A29245-F9DA-4F77-91EE-21C1FA3CE784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*",
              "matchCriteriaId": "B55ED49B-092B-411B-84AE-847770EE096B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*",
              "matchCriteriaId": "483C2E2D-424C-453B-9D51-F53C6B32178B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*",
              "matchCriteriaId": "4348F385-9AE1-4F8C-9F22-BE50FCA3710B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en el control ActiveX Lotus Domino Web Access en IBM Lotus iNotes (alias Domino Web Access o DWA) 6.5, 7.0 en versiones anteriores a la 7.0.4, 8.0, 8.0.2 y en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento URL largo a un m\u00e9todo no especificado, alias PRAD7JTNHJ."
    }
  ],
  "id": "CVE-2010-0919",
  "lastModified": "2024-11-21T01:13:12.660",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-03-03T19:30:00.743",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38681"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38744"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38755"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1023662"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/62612"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/38457"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/38459"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0495"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0496"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38681"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023662"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/62612"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38457"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38459"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0496"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-01-09 18:30

Modified

2024-11-21 01:11

Severity ?

Summary

Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/38026	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27017776	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/37675
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0077	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/55471
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38026	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27017776	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/37675
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0077	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/55471

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	*
ibm	lotus_inotes	229.011
ibm	lotus_inotes	229.021
ibm	lotus_inotes	229.031
ibm	lotus_inotes	229.041
ibm	lotus_inotes	229.051
ibm	lotus_inotes	229.061
ibm	lotus_inotes	229.101
ibm	lotus_inotes	229.111
ibm	lotus_inotes	229.131
ibm	lotus_inotes	229.141
ibm	lotus_inotes	229.151
ibm	lotus_inotes	229.161
ibm	lotus_inotes	229.171
ibm	lotus_inotes	229.181
ibm	lotus_inotes	229.191
ibm	lotus_inotes	229.201
ibm	lotus_inotes	229.211
ibm	lotus_inotes	229.221
ibm	lotus_domino	8.0.2.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B327550-1809-4982-A927-48D3392B7A22",
              "versionEndIncluding": "229.231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*",
              "matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*",
              "matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*",
              "matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8C8052-8980-4265-929B-E27B6A914B4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6C0F89-47E6-4895-909D-6AF8DBFE2477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*",
              "matchCriteriaId": "590EBAF8-04A9-4DAD-9FCF-B1B38FF03374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*",
              "matchCriteriaId": "717F7305-98E1-403D-B08A-6FE1FD83D2C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CC9488A-F368-498E-8CDE-2ADC6AED470B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2F8C056-91A2-410B-942A-E108B93AD1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*",
              "matchCriteriaId": "805C7074-679E-4F11-A055-8C52B4E26F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*",
              "matchCriteriaId": "840A1975-0C5B-44F0-9F2E-1BBE02AA0484",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58."
    },
    {
      "lang": "es",
      "value": "Modo Ultra-light en IBM Lotus iNotes (tambi\u00e9n conocido como Domino Web Access o DWA) anterior a v229.241 para Domino v8.0.2 FP3 no maneja adecuadamente secuencias de comando en la URL status-alerts, tiene un impacto y vectores de ataque sin especificar, tambi\u00e9n conocido como SPR LSHR7TBM58."
    }
  ],
  "id": "CVE-2010-0275",
  "lastModified": "2024-11-21T01:11:53.230",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-01-09T18:30:01.900",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38026"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37675"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0077"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55471"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-03-26 21:55

Modified

2024-11-21 01:47

Severity ?

Summary

Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX.

References

▼	URL	Tags
	psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21628658
	psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/82542
	af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21628658
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/82542

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	8.5.0.0
ibm	lotus_inotes	8.5.0.1
ibm	lotus_inotes	8.5.1.0
ibm	lotus_inotes	8.5.1.1
ibm	lotus_inotes	8.5.1.2
ibm	lotus_inotes	8.5.1.3
ibm	lotus_inotes	8.5.1.4
ibm	lotus_inotes	8.5.1.5
ibm	lotus_inotes	8.5.2.0
ibm	lotus_inotes	8.5.2.1
ibm	lotus_inotes	8.5.2.2
ibm	lotus_inotes	8.5.2.3
ibm	lotus_inotes	8.5.3.0
ibm	lotus_inotes	8.5.3.1
ibm	lotus_inotes	8.5.3.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF04F0F8-E2AC-4080-91CE-E871CF32FBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8865EB47-3C1B-485B-94CA-852F1C40FDE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA02A70-D433-4AEB-B7CD-77744E52D280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F5294B-DAEF-4450-81C1-AEB951364336",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF658AD-31D5-4A88-920E-98B722D48355",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C029E446-2BBA-491D-9AA0-D83A3879CCBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "618F1C0E-8E43-4D63-A497-9FFEE4E3A90D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53A4CC23-6053-40FC-BFC8-08FAA9F0AE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA621B45-7747-491D-A983-DD125BEE2753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA57E455-B3CB-4F53-854B-21D8DFB95ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "96E0153C-BDC4-4D01-A292-AD97A5C168EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4ED4C08-82E5-4165-A585-E23E23015609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F088F719-F4BE-4B49-B022-96D43664155B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7F797B7-C3EA-4A12-8D69-217FBD4B9EB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en IBM iNotes v8.5.x que permite a usuarios locales  inyectar secuencias de comandos web o HTML a trav\u00e9s de un archivo de correo compartido, tambi\u00e9n conocido como SPR DKEN8PDNTX"
    }
  ],
  "id": "CVE-2013-0525",
  "lastModified": "2024-11-21T01:47:43.640",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 1.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 2.7,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-03-26T21:55:01.123",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82542"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82542"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-12-21 14:22

Modified

2024-11-21 01:54

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPRs PTHN9AQMV7 and TCLE98ZKRP.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21659959	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/86594
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21659959	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/86594

Impacted products

Vendor	Product	Version
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_domino	8.5.3.3
ibm	lotus_domino	8.5.3.4
ibm	lotus_domino	8.5.3.5
ibm	lotus_domino	9.0.0.0
ibm	lotus_inotes	8.5.3.0
ibm	lotus_inotes	8.5.3.1
ibm	lotus_inotes	8.5.3.2
ibm	lotus_inotes	8.5.3.3
ibm	lotus_inotes	8.5.3.4
ibm	lotus_inotes	8.5.3.5
ibm	lotus_inotes	9.0.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1A8676-B2CA-49FF-A43E-EAC62170BF82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ADC0C5-36E9-426E-B302-56804B1800BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "24863689-9472-4C56-B3A8-3053494437C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7025B610-6988-4A78-B0ED-6FB728AA6C28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F088F719-F4BE-4B49-B022-96D43664155B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7F797B7-C3EA-4A12-8D69-217FBD4B9EB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCA4DA1-302C-42AD-9317-DC733A17696B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B102407C-3CCE-45A5-A3A2-9C24D5F4866A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "577AA3FA-31BA-429C-8CE6-B3776F5CF857",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B79C2F-8633-47A2-ADB5-FEB0EEB10B90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPRs PTHN9AQMV7 and TCLE98ZKRP."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad cross-site scripitng (XSS) en iNotes de IBM Domino 8.5.x anteriores a 8.5.3 FP6 y 9.0.x anteriores a 9.0.1 permite a atacantes remotos inyectar script web o HTML a trav\u00e9s de contenido activo en un mensaje de email, tambien conocido como SPRs PTHN9AQMV7 y TCLE98ZKRP."
    }
  ],
  "id": "CVE-2013-4063",
  "lastModified": "2024-11-21T01:54:48.763",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-12-21T14:22:56.737",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86594"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-06-21 17:55

Modified

2024-11-21 01:47

Severity ?

Summary

ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24.

References

▼	URL	Tags
	psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21633827
	psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/82658
	af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21633827
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/82658

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	8.5.2.0
ibm	lotus_inotes	8.5.3.0
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.1
ibm	lotus_notes_traveler	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA621B45-7747-491D-A983-DD125BEE2753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0922D598-E69F-4667-9D36-0A35C9C2C251",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24."
    },
    {
      "lang": "es",
      "value": "ntmulti.exe en el servicio Multi User Profile Cleanup en IBM Notes v8.0, v8.0.1, v8.0.2, v8.5, v8.5.1, v8.5.2, v8.5.3 anterior a FP5, y v9.0 anterior a IF2 permite a usuarios locales ganar privilegios mediante vectores que comprenden la ejecuci\u00f3n de c\u00f3digo durante la siguiente sesi\u00f3n de un usuario diferente. Tambi\u00e9n conocido como SPR PJOK959J24."
    }
  ],
  "id": "CVE-2013-0536",
  "lastModified": "2024-11-21T01:47:44.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-06-21T17:55:01.107",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82658"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-08-27 03:34

Modified

2024-11-21 01:47

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0591.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21647740	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/83814
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21647740	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/83814

Impacted products

Vendor	Product	Version
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_domino	8.5.3.3
ibm	lotus_domino	8.5.3.4
ibm	lotus_inotes	8.5.0.0
ibm	lotus_inotes	8.5.1.0
ibm	lotus_inotes	8.5.2.0
ibm	lotus_inotes	8.5.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1A8676-B2CA-49FF-A43E-EAC62170BF82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ADC0C5-36E9-426E-B302-56804B1800BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF04F0F8-E2AC-4080-91CE-E871CF32FBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA02A70-D433-4AEB-B7CD-77744E52D280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA621B45-7747-491D-A983-DD125BEE2753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN95XNR3, a different vulnerability than CVE-2013-0591."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad Cross-site scripting (XSS) en iNotes v8.5.x en IBM Lotus Domino v8.5 anterior a v8.5.3 FP5, permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como SPR PTHN95XNR3, una vulnerabilidad diferente a CVE-2013-0591."
    }
  ],
  "id": "CVE-2013-0590",
  "lastModified": "2024-11-21T01:47:48.917",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-08-27T03:34:34.970",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83814"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21647740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83814"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-12-21 14:22

Modified

2024-11-21 01:54

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPR TCLE98ZKRP.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21659959	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/86596
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21659959	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/86596

Impacted products

Vendor	Product	Version
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_domino	8.5.3.3
ibm	lotus_domino	8.5.3.4
ibm	lotus_domino	8.5.3.5
ibm	lotus_domino	9.0.0.0
ibm	lotus_inotes	8.5.3.0
ibm	lotus_inotes	8.5.3.1
ibm	lotus_inotes	8.5.3.2
ibm	lotus_inotes	8.5.3.3
ibm	lotus_inotes	8.5.3.4
ibm	lotus_inotes	8.5.3.5
ibm	lotus_inotes	9.0.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1A8676-B2CA-49FF-A43E-EAC62170BF82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ADC0C5-36E9-426E-B302-56804B1800BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "24863689-9472-4C56-B3A8-3053494437C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7025B610-6988-4A78-B0ED-6FB728AA6C28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F088F719-F4BE-4B49-B022-96D43664155B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7F797B7-C3EA-4A12-8D69-217FBD4B9EB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCA4DA1-302C-42AD-9317-DC733A17696B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B102407C-3CCE-45A5-A3A2-9C24D5F4866A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "577AA3FA-31BA-429C-8CE6-B3776F5CF857",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9B79C2F-8633-47A2-ADB5-FEB0EEB10B90",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote attackers to inject arbitrary web script or HTML via active content in an e-mail message, aka SPR TCLE98ZKRP."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad cross-site scripting (XSS) en iNotes de IBM Domino 8.5.x anteriores a 8.5.3 FP6 y 9.0.x anteriores a 9.0.1, cuando el modo ultra-light est\u00e1 activado, permite a atacantes remotos inyectar script web o HTML a trav\u00e9s de contenido activo en un mensaje de email, tambien conocido como SPR TCLE98ZKRP."
    }
  ],
  "id": "CVE-2013-4065",
  "lastModified": "2024-11-21T01:54:49.000",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-12-21T14:22:56.783",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21659959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86596"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-01-09 18:30

Modified

2024-11-21 01:11

Severity ?

Summary

Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 has unknown impact and attack vectors, aka SPR LSHR7TBLY5.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/38026	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27017776
cve@mitre.org	http://www.securityfocus.com/bid/37675
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0077	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/55470
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38026	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27017776
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/37675
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0077	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/55470

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	*
ibm	lotus_inotes	229.011
ibm	lotus_inotes	229.021
ibm	lotus_inotes	229.031
ibm	lotus_inotes	229.041
ibm	lotus_inotes	229.051
ibm	lotus_inotes	229.061
ibm	lotus_inotes	229.101
ibm	lotus_inotes	229.111
ibm	lotus_inotes	229.131
ibm	lotus_inotes	229.141
ibm	lotus_inotes	229.151
ibm	lotus_inotes	229.161
ibm	lotus_inotes	229.171
ibm	lotus_inotes	229.181
ibm	lotus_inotes	229.191
ibm	lotus_inotes	229.201
ibm	lotus_inotes	229.211
ibm	lotus_inotes	229.221
ibm	lotus_domino	8.0.2.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B327550-1809-4982-A927-48D3392B7A22",
              "versionEndIncluding": "229.231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*",
              "matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*",
              "matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*",
              "matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8C8052-8980-4265-929B-E27B6A914B4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6C0F89-47E6-4895-909D-6AF8DBFE2477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*",
              "matchCriteriaId": "590EBAF8-04A9-4DAD-9FCF-B1B38FF03374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*",
              "matchCriteriaId": "717F7305-98E1-403D-B08A-6FE1FD83D2C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CC9488A-F368-498E-8CDE-2ADC6AED470B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2F8C056-91A2-410B-942A-E108B93AD1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*",
              "matchCriteriaId": "805C7074-679E-4F11-A055-8C52B4E26F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*",
              "matchCriteriaId": "840A1975-0C5B-44F0-9F2E-1BBE02AA0484",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 has unknown impact and attack vectors, aka SPR LSHR7TBLY5."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en Edit Contact scene en Ultra-light Mode en IBM Lotus iNotes (tambi\u00e9n conocido como Domino Web Access o DWA) anterior a v229.241 para Domino v8.0.2 FP3 tiene un impacto y vectores de ataque desconocidos, tambi\u00e9n conocido como SPR LSHR7TBLY5."
    }
  ],
  "evaluatorSolution": "http://www-933.ibm.com/support/fixcentral/",
  "id": "CVE-2010-0274",
  "lastModified": "2024-11-21T01:11:53.083",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-01-09T18:30:01.870",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38026"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37675"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0077"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55470"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55470"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-11-24 19:59

Modified

2024-11-21 02:41

Severity ?

5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Summary

Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 FP6 IF2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYHAAHNUS.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21991722	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/94558
psirt@us.ibm.com	http://www.securitytracker.com/id/1037383
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21991722	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94558
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037383

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	8.5.0.0
ibm	lotus_inotes	8.5.0.1
ibm	lotus_inotes	8.5.1.0
ibm	lotus_inotes	8.5.1.1
ibm	lotus_inotes	8.5.1.2
ibm	lotus_inotes	8.5.1.3
ibm	lotus_inotes	8.5.1.4
ibm	lotus_inotes	8.5.1.5
ibm	lotus_inotes	8.5.2.0
ibm	lotus_inotes	8.5.2.1
ibm	lotus_inotes	8.5.2.2
ibm	lotus_inotes	8.5.2.3
ibm	lotus_inotes	8.5.2.4
ibm	lotus_inotes	8.5.3.0
ibm	lotus_inotes	8.5.3.1
ibm	lotus_inotes	8.5.3.2
ibm	lotus_inotes	8.5.3.3
ibm	lotus_inotes	8.5.3.4
ibm	lotus_inotes	8.5.3.5
ibm	lotus_inotes	8.5.3.6

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF04F0F8-E2AC-4080-91CE-E871CF32FBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8865EB47-3C1B-485B-94CA-852F1C40FDE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA02A70-D433-4AEB-B7CD-77744E52D280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F5294B-DAEF-4450-81C1-AEB951364336",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF658AD-31D5-4A88-920E-98B722D48355",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C029E446-2BBA-491D-9AA0-D83A3879CCBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "618F1C0E-8E43-4D63-A497-9FFEE4E3A90D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "53A4CC23-6053-40FC-BFC8-08FAA9F0AE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA621B45-7747-491D-A983-DD125BEE2753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA57E455-B3CB-4F53-854B-21D8DFB95ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "96E0153C-BDC4-4D01-A292-AD97A5C168EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4ED4C08-82E5-4165-A585-E23E23015609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56D81A39-EA3A-4440-B026-8E8A4506C65D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F088F719-F4BE-4B49-B022-96D43664155B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7F797B7-C3EA-4A12-8D69-217FBD4B9EB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCA4DA1-302C-42AD-9317-DC733A17696B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B102407C-3CCE-45A5-A3A2-9C24D5F4866A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "577AA3FA-31BA-429C-8CE6-B3776F5CF857",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A01616C-AEEB-40A0-AB35-0F615ADF8ADC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 FP6 IF2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka SPR KLYHAAHNUS."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de XSS en IBM iNotes en versiones anteriores a 8.5.3 FP6 IF2 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de una URL manipulada, vulnerabilidad tambi\u00e9n conocida como SPR KLYHAAHNUS."
    }
  ],
  "id": "CVE-2016-0282",
  "lastModified": "2024-11-21T02:41:25.230",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-11-24T19:59:03.707",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991722"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securityfocus.com/bid/94558"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id/1037383"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991722"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/94558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037383"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

All the vulnerabilites related to ibm - lotus_inotes

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd