Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2005-05-03 04:00

Modified

2024-11-20 23:57

Severity ?

Summary

Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/1013841
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202526	Patch
cve@mitre.org	http://www.osvdb.org/15367	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/13447
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/20044
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/1013841
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202526	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/15367	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/13447
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/20044

Impacted products

Vendor	Product	Version
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file."
    }
  ],
  "id": "CVE-2005-1442",
  "lastModified": "2024-11-20T23:57:21.567",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-05-03T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/1013841"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202526"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.osvdb.org/15367"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/13447"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/1013841"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202526"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.osvdb.org/15367"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/13447"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20044"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-05-31 20:55

Modified

2024-11-21 01:25

Severity ?

Summary

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904
cve@mitre.org	http://secunia.com/advisories/44624	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/8285
cve@mitre.org	http://www.ibm.com/support/docview.wss?uid=swg21500034
cve@mitre.org	http://www.securityfocus.com/bid/47962
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/67620
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14634
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44624	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/8285
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21500034
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/47962
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/67620
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14634

Impacted products

Vendor	Product	Version
ibm	lotus_notes	*
ibm	lotus_notes	3.0
ibm	lotus_notes	3.0.0.1
ibm	lotus_notes	3.0.0.2
ibm	lotus_notes	4.2
ibm	lotus_notes	4.2.1
ibm	lotus_notes	4.2.2
ibm	lotus_notes	4.5
ibm	lotus_notes	4.6
ibm	lotus_notes	4.6.7a
ibm	lotus_notes	4.6.7h
ibm	lotus_notes	5.0
ibm	lotus_notes	5.0.1
ibm	lotus_notes	5.0.1.02
ibm	lotus_notes	5.0.1a
ibm	lotus_notes	5.0.1b
ibm	lotus_notes	5.0.1c
ibm	lotus_notes	5.0.2
ibm	lotus_notes	5.0.2a
ibm	lotus_notes	5.0.2b
ibm	lotus_notes	5.0.2c
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.4
ibm	lotus_notes	5.0.4a
ibm	lotus_notes	5.0.5
ibm	lotus_notes	5.0.5.01
ibm	lotus_notes	5.0.5.02
ibm	lotus_notes	5.0.6
ibm	lotus_notes	5.0.6a
ibm	lotus_notes	5.0.6a.01
ibm	lotus_notes	5.0.7
ibm	lotus_notes	5.0.7a
ibm	lotus_notes	5.0.8
ibm	lotus_notes	5.0.9
ibm	lotus_notes	5.0.9a
ibm	lotus_notes	5.0.10
ibm	lotus_notes	5.0.11
ibm	lotus_notes	5.0.12
ibm	lotus_notes	5.0a
ibm	lotus_notes	5.02
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.3.1
ibm	lotus_notes	6.5.4
ibm	lotus_notes	6.5.4.1
ibm	lotus_notes	6.5.4.2
ibm	lotus_notes	6.5.4.3
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5.1
ibm	lotus_notes	6.5.5.2
ibm	lotus_notes	6.5.5.3
ibm	lotus_notes	6.5.6
ibm	lotus_notes	6.5.6.1
ibm	lotus_notes	6.5.6.2
ibm	lotus_notes	6.5.6.3
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.0
ibm	lotus_notes	7.0.1
ibm	lotus_notes	7.0.1.1
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.2.1
ibm	lotus_notes	7.0.2.2
ibm	lotus_notes	7.0.2.3
ibm	lotus_notes	7.0.3
ibm	lotus_notes	7.0.3.1
ibm	lotus_notes	7.0.4
ibm	lotus_notes	7.0.4.0
ibm	lotus_notes	7.0.4.1
ibm	lotus_notes	7.0.4.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F06E9E8E-9A82-4665-A848-5E0BAD141A1C",
              "versionEndIncluding": "8.5.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "024E3378-AB78-41CE-8BE3-CB26F0FCC6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D68592-A475-4D35-8A8F-5A4EEDA5A1A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9727C084-8043-43D7-9BF3-1D49BBA33772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9409A77C-1927-4C1C-945A-10F8CD8DB287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE08605F-643F-4562-934E-CA46DF3CE57C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE78A5CE-28D9-47AB-9831-F4C0F0843EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8376F4C1-44AE-42A8-A087-E3845FD2A0A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A697B26-0600-416A-B0FA-BE031EB6D8A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2851AFEE-2598-4CDC-A1B3-D119A647F4B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7h:*:*:*:*:*:*:*",
              "matchCriteriaId": "B730F1C4-2A7C-4305-BEA1-4BA1F1B1F955",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987940E-0F70-4C0F-AB8D-A52934B33777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBEDCC0A-FCA0-45C2-B202-BF9F90739893",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "A25DD7B4-A33F-4810-84C1-D8C57D044769",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "924FC755-DF96-4E83-92DB-BD3877E226A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8EC2158-C008-4AD0-85A5-6B4A210A7752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F3715F6-F157-4BF2-80C3-DC5366C0F5DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2c:*:*:*:*:*:*:*",
              "matchCriteriaId": "89111665-4C64-46A5-955D-DB5A2A73E6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "77636603-5AEA-475A-9BB7-3C38198A0327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF14DAF5-D52A-4B59-B67A-7878C2A8431D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "8001558A-B47D-420C-9275-979A06D03572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8809E947-43E1-4D92-A5A5-63FEDBF12318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE790A9-912C-444C-B4B0-BEB212DC4B9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "2171E8CD-F42A-41A9-A03D-74BE1DF9040F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "21212C5E-A5AB-4080-84A3-603F0425D4CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F21BD9-A01D-4D3C-831F-80A966F7CF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "32646B3D-C8C6-4325-8546-38A79EF3446A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "312EAEC3-1E31-48E1-8729-E7AF338F608D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "46196D69-B5FE-49ED-8032-54B4470487EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD51B7AD-1523-4BF4-8DFF-54D5F9A0E66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "63ABBCF5-A164-458F-A8C6-75FC6CFE101B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "A174D36F-A4F0-4FE0-AAD7-F57E93BB3805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf3:*:*:*:*:*:*",
              "matchCriteriaId": "8EB4A3EA-DD4C-4E98-8E3A-487F0AE9AED0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "0CB2FAA8-176F-4AA2-ADFA-F4401C76BB15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "FEEA994A-F8B6-4A0D-8FCD-ED63F83DDA18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82322774-CEB9-41FD-9319-AE0716EF28CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34625785-9560-4496-9426-BBEE35F6E52C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5C60350-0731-477D-B280-24109509E7B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCF51F97-14D8-4AC6-B26E-AE9306EAF3AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "006C226E-E9CA-4999-B6D4-5DBABF99A4B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9203EC38-2DFD-4259-B636-F9E38AE5AA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C6EF122-510F-4B6D-B2F3-DFD5E8FB76C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1581AEE3-F127-44D8-AA95-6408D9D919A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAEF2C65-215E-4900-8054-BC35DFA0BDF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE1176C-39C3-4ED6-9689-4107B546F248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E016DE-149E-41CD-856E-7B3EE8B0702C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1AD22A1-A85C-4755-97CB-6B946E1DBE0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AF1B57-680B-45E5-9991-83DDE4634EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC128482-5AA3-43D9-AE5F-154E8485F699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2837D777-5C59-4335-A4BC-611397D1D1AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F5FB91-53EE-47BA-84B7-49CE9D83C8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9D74FC-8F26-4D1A-B02B-C4037FF8388A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E0DFE2-22CA-40AE-8CDB-EF5EEE1E6F54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AD640D-BFDC-4E27-BF8B-4FE35DE87890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB38591-F55A-48B2-AD52-FF266D19BB97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de enteros en lzhsr.dll en Autonomy KeyView, tal como se utiliza en IBM Lotus Notes antes de v8.5.2 FP3, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante una cabecera manipulada en un archivo adjunto .lzh que provoca un desbordamiento de b\u00fafer basado en pila, tambi\u00e9n conocido como SPR PRAD88MJ2W ."
    }
  ],
  "id": "CVE-2011-1213",
  "lastModified": "2024-11-21T01:25:48.593",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-05-31T20:55:01.937",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/8285"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67620"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8285"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67620"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14634"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-05-01 12:00

Modified

2024-11-21 01:46

Severity ?

Summary

IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java code execution and X-Confirm-Reading-To functionality via a crafted message, aka SPRs JMOY95BLM6 and JMOY95BN49.

References

URL	Tags
cret@cert.org	http://seclists.org/fulldisclosure/2013/Apr/262
cret@cert.org	http://www-01.ibm.com/support/docview.wss?uid=swg21633819	Vendor Advisory
cret@cert.org	http://www.kb.cert.org/vuls/id/912420	US Government Resource
cret@cert.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/83775
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2013/Apr/262
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21633819	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/912420	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/83775

Impacted products

Vendor	Product	Version
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.3.3
ibm	lotus_notes	9.0.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DBDF9A3-CFB2-42B3-B125-93B8A36E0ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "234A9059-B0DE-4BEB-ADC4-76F906D86ECC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java code execution and X-Confirm-Reading-To functionality via a crafted message, aka SPRs JMOY95BLM6 and JMOY95BN49."
    },
    {
      "lang": "es",
      "value": "IBM Lotus Notes v8.x anterior a v8.5.3 FP4 Interim Fix v1 y v9.0 anterior a Interim Fix 1 no bloquea elementos APPLET en correos HTML, lo cual permite a atacantes remotos eludir restricciones de ejecuci\u00f3n de c\u00f3digo Java y funcionalidades X-Confirm-Reading-To a trav\u00e9s de un mensaje manipulado, tambi\u00e9n conocido como SPRs JMOY95BLM6 y JMOY95BN49."
    }
  ],
  "id": "CVE-2013-0127",
  "lastModified": "2024-11-21T01:46:54.197",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-05-01T12:00:07.730",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "http://seclists.org/fulldisclosure/2013/Apr/262"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/912420"
    },
    {
      "source": "cret@cert.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83775"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2013/Apr/262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/912420"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83775"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-03-09 02:44

Modified

2024-11-21 00:43

Severity ?

Summary

Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706.

References

URL	Tags
cve@mitre.org	http://securitytracker.com/id?1019464
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21271957	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019464
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21271957	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	lotus_notes	6.5
ibm	lotus_notes	7.0.2
ibm	lotus_notes	8.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad no especificada en la biblioteca nlnotes.dll en el cliente en IBM Lotus Notes versiones 6.5, 7.0.x anterior a 7.0.2 CCH y versi\u00f3n 8.0.x anterior a 8.0.1, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo adjunto creado en un mensaje de correo electr\u00f3nico enviado por medio de SMTP, esta es una variante del CVE-2007-6706."
    }
  ],
  "id": "CVE-2008-1217",
  "lastModified": "2024-11-21T00:43:58.480",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-03-09T02:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019464"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019464"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

1999-03-01 05:00

Modified

2024-11-20 23:28

Severity ?

Summary

The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference.

References

▼	URL	Tags
	cve@mitre.org	http://marc.info/?l=bugtraq&m=92221437025743&w=2
	cve@mitre.org	http://marc.info/?l=bugtraq&m=92241547418689&w=2
	cve@mitre.org	http://marc.info/?l=bugtraq&m=92246997917866&w=2
	cve@mitre.org	http://marc.info/?l=bugtraq&m=92249282302994&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=92221437025743&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=92241547418689&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=92246997917866&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=92249282302994&w=2

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	4.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8376F4C1-44AE-42A8-A087-E3845FD2A0A8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the \"Encrypt Saved Mail\" preference."
    }
  ],
  "id": "CVE-1999-0429",
  "lastModified": "2024-11-20T23:28:43.083",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "1999-03-01T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=92221437025743\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=92241547418689\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=92246997917866\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=92249282302994\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=92221437025743\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=92241547418689\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=92246997917866\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=92249282302994\u0026w=2"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-07-24 12:19

Modified

2024-11-21 00:14

Severity ?

Summary

IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is inside the "phrase" portion of an address, which can cause the e-mail to be sent to users that were deleted from the To, CC, and BCC fields, which allows remote attackers to obtain the list of original recipients.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/21096	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1016516
cve@mitre.org	http://securitytracker.com/id?1016819
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21243602
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21240386	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/21096	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016516
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016819
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21243602
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21240386	Exploit

Impacted products

Vendor	Product	Version
ibm	lotus_notes	6.0
ibm	lotus_notes	6.5
ibm	lotus_notes	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) \"Save As Draft\" option is used or (2) a \",\" (comma) is inside the \"phrase\" portion of an address, which can cause the e-mail to be sent to users that were deleted from the To, CC, and BCC fields, which allows remote attackers to obtain the list of original recipients."
    },
    {
      "lang": "es",
      "value": "IBM Lotus Notes 6.0, 6.5, y 7.0 no maneja adecuadamente las respuestas a mensajes de correo con nombres de usuario alternativo cuando la opci\u00f3n(1) \"Guardar como borrador\" es utilizada o (2) una \",\" (coma) est\u00e1 dentro de la porci\u00f3n de una direcci\u00f3n, la cual podr\u00eda hacer que el email sea env\u00edado a usuarios que fueron borrados desde los campos To, CC y BBC, lo cual permite a un atacante remotos obtener una lista de receptores originales."
    }
  ],
  "id": "CVE-2006-3778",
  "lastModified": "2024-11-21T00:14:24.230",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-07-24T12:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21096"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016516"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016819"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21243602"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21240386"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/21096"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016819"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21243602"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21240386"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2012-12-19 11:55

Modified

2024-11-21 01:43

Severity ?

Summary

IBM Lotus Notes 8.5.x before 8.5.3 FP3 does not include the HTTPOnly flag in a Set-Cookie header for a web-application cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, aka SPRs JMAS7TRNLN and SRAO8U3Q68.

References

URL	Tags
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg21619604	Vendor Advisory
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg21620361	Patch
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/79535
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21619604	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21620361	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/79535

Impacted products

Vendor	Product	Version
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus Notes 8.5.x before 8.5.3 FP3 does not include the HTTPOnly flag in a Set-Cookie header for a web-application cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, aka SPRs JMAS7TRNLN and SRAO8U3Q68."
    },
    {
      "lang": "es",
      "value": "IBM Lotus Notes v8.5.x antes de v8.5.3 FP3 no incluye la bandera HttpOnly en la cabecera Set-Cookie para una cookie de aplicaci\u00f3n web, lo que hace que sea m\u00e1s f\u00e1cil para los atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s del acceso a esta cookie. Se trata de un problema tambi\u00e9n conocido como SPR JMAS7TRNLN y SRAO8U3Q68.\r\n"
    }
  ],
  "id": "CVE-2012-4846",
  "lastModified": "2024-11-21T01:43:36.390",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-12-19T11:55:54.750",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21619604"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21620361"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79535"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21619604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21620361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79535"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2009-03-18 15:30

Modified

2024-11-21 00:51

Severity ?

Summary

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774
cve@mitre.org	http://osvdb.org/52713
cve@mitre.org	http://secunia.com/advisories/34303
cve@mitre.org	http://secunia.com/advisories/34307	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/34318
cve@mitre.org	http://secunia.com/advisories/34355
cve@mitre.org	http://securitytracker.com/id?1021856
cve@mitre.org	http://securitytracker.com/id?1021857
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/276563	US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/34086
cve@mitre.org	http://www.securitytracker.com/id?1021859
cve@mitre.org	http://www.symantec.com/avcenter/security/Content/2009.03.17a.html	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0744	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0756
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0757
cve@mitre.org	https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/49284
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/52713
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34303
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34307	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34318
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34355
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021856
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021857
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/276563	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/34086
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021859
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/avcenter/security/Content/2009.03.17a.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0744	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0756
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0757
af854a3a-2127-422b-91ae-364da2661108	https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/49284

Impacted products

Vendor	Product	Version
autonomy	keyview_export_sdk	*
autonomy	keyview_export_sdk	2.0
autonomy	keyview_export_sdk	9.2.0
autonomy	keyview_export_sdk	10
autonomy	keyview_export_sdk	10.3
autonomy	keyview_filter_sdk	*
autonomy	keyview_filter_sdk	2.0
autonomy	keyview_filter_sdk	9.2.0
autonomy	keyview_filter_sdk	10
autonomy	keyview_filter_sdk	10.3
autonomy	keyview_viewer_sdk	*
autonomy	keyview_viewer_sdk	2.0
autonomy	keyview_viewer_sdk	9.2.0
autonomy	keyview_viewer_sdk	10
autonomy	keyview_viewer_sdk	10.3
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.12
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.4
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.6
ibm	lotus_notes	6.5.6
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.1
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.3
ibm	lotus_notes	8.0
symantec	altiris_deployment_solution	*
symantec	brightmail	5.0
symantec	data_loss_prevention_detection_servers	7.0
symantec	data_loss_prevention_detection_servers	8.0
symantec	data_loss_prevention_detection_servers	8.1
symantec	data_loss_prevention_detection_servers	8.1
symantec	data_loss_prevention_endpoint_agents	8.0
symantec	data_loss_prevention_endpoint_agents	8.1
symantec	enforce	7.0
symantec	enforce	8.0
symantec	enforce	8.1
symantec	enforce	8.1
symantec	mail_security	5.0
symantec	mail_security	5.0.0
symantec	mail_security	5.0.0
symantec	mail_security	5.0.0.24
symantec	mail_security	5.0.1
symantec	mail_security	5.0.1.181
symantec	mail_security	5.0.1.182
symantec	mail_security	5.0.1.189
symantec	mail_security	5.0.1.200
symantec	mail_security	5.0.10
symantec	mail_security	5.0.11
symantec	mail_security	6.0.6
symantec	mail_security	6.0.7
symantec	mail_security	7.5..4.29
symantec	mail_security	7.5.3.25
symantec	mail_security	7.5.5.32

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B16D7CE-3770-46A6-BECA-76989E9639BE",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB3799E-43FC-40AA-85EC-72D87962C95D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:9.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B92810D7-A5C2-4118-8B67-9E1A49C6C4D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "893D0CC9-971E-4C78-AD80-D004D8BB5F37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "15B8E1D9-ADF9-40B2-A652-53CDEF60FAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "177E8A5C-0812-47BC-9CFC-F8E25A0F42AB",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8E3B7CC-48D2-4EB0-A0D9-44AA6947CF65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:9.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B90F221E-6C5A-4844-A098-53BE40E78A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4F4A68C-EF5D-41BB-A518-D277927D80D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6E0041-6647-4B04-B4C1-019E1F12E606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD370EEA-A33C-45B2-8FC6-C419AD6468E4",
              "versionEndIncluding": "10.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FE65E34-052C-4614-BA69-71D96EBC65E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:9.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8D56C0E-3403-4B91-A064-69E46770FBBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBB6C6D0-0848-45D0-ACA7-03B46F42AE76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:10.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E50CAF0-1F3A-4F57-A8DA-91B7840BBE3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "F8B5BF9A-F8A7-4C2B-B093-8226D0ED1425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*",
              "matchCriteriaId": "04CB50C2-2B01-4A68-BE96-1127B9954F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "66D334E1-9326-4D0A-8D87-572F3E6B44BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*",
              "matchCriteriaId": "5614CD60-7690-47E6-AEB3-FB0151EB264C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D6701EB-AF87-4B63-A8B5-AA27C28DFFB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:brightmail:5.0:*:appliance:*:*:*:*:*",
              "matchCriteriaId": "E1BE16AC-118D-4BA0-AE37-3DB2E4E417DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F945149-43CC-4EAC-9A78-C6A3BA6FAF9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D42BEF4-9BB4-4CCF-9395-C306C3CEBB0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "DC2C0DBF-382C-4F96-8497-2FABD7CB67C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "42A91935-15AC-4F64-AD3D-EFAD08955562",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "37076C05-12CE-484C-AB10-711BABFF6992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A5F3BAC-B470-4FB7-88AF-47A33D46EF00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enforce:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFD0A99F-6B8A-4BB9-B8A7-40BB5D7B7CFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enforce:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8960720-5DF0-4F4C-9603-09A85FAF843D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enforce:8.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "3E9D9CE3-109C-4035-9934-2B457268985D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enforce:8.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "E258E769-38CC-4E62-8158-3D549263ED1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*",
              "matchCriteriaId": "0648861C-A58E-4103-8720-4480C2F098FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C890707A-D2DF-403A-87CB-2AB01E85D8B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*",
              "matchCriteriaId": "977786AB-A76C-4A1C-8999-BF4A5E08F8BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "0117D61C-DEE6-4803-9CF8-27EEBAA493CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "5BF163AF-E470-492A-940C-B2FB37AA2322",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:microsoft_exchange:*:*:*:*:*:*",
              "matchCriteriaId": "5BBAE476-DB98-4464-81DF-8EC386E808B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:microsoft_exchange:*:*:*:*:*:*",
              "matchCriteriaId": "225BA7A2-8C45-42F1-921B-105CF8F0F22A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5..4.29:*:domino:*:*:*:*:*",
              "matchCriteriaId": "B1E6B709-B44B-47AC-A7FF-0C248D777D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
              "matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
              "matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en wp6sr.dll en el Autonomy KeyView SDK 10.4 y anteriores, como es usado en IBM Lotus Notes,  productos Symantec Mail Security (SMS), productos Symantec BrightMail Appliance y productos Symantec Data Loss Prevention (DLP) permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero Word Perfect Document (WPD) manipulado."
    }
  ],
  "id": "CVE-2008-4564",
  "lastModified": "2024-11-21T00:51:59.427",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-03-18T15:30:00.267",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/52713"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/34303"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34307"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/34318"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/34355"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1021856"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1021857"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/276563"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/34086"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1021859"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0744"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0756"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0757"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/52713"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34303"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34307"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34318"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34355"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021856"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/276563"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34086"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021859"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/0744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0756"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0757"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-04-10 18:05

Modified

2024-11-21 00:37

Severity ?

Summary

kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file.

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/27763	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28140	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28209	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28210	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/29342	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-95/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-96/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-97/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-98/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://securitytracker.com/id?1019805
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490825/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490837/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490838/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490839/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/28454
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1019844
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1153
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1154
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1156
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/41722
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27763	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28140	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28209	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28210	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29342	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-95/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-96/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-97/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-98/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019805
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490825/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490837/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490838/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490839/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28454
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019844
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1153
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1154
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1156
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41722

Impacted products

Vendor	Product	Version
ibm	lotus_notes	6.0
ibm	lotus_notes	6.5
ibm	lotus_notes	7.0
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.1
symantec	mail_security	*
symantec	mail_security	5.0
symantec	mail_security	5.0
symantec	mail_security	5.0.0
symantec	mail_security	5.0.1
autonomy	keyview	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:*:*:domino:*:*:*:*:*",
              "matchCriteriaId": "6D9CF359-CBCB-4EA2-B189-3CF01CE694D0",
              "versionEndIncluding": "7.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3D6178-9D83-44C7-8EBB-50CDB68CB5EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A31DE25-F7B5-4AEA-B870-2B852F4FD8A3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file."
    },
    {
      "lang": "es",
      "value": "kpagrdr.dll 2.0.0.2 y 10.3.0.0 en el lector  Applix Presents de Autonomy (anteriormente Verity) KeyView, usado por IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, no parsea adecuadamente los token largos, lo que permite a atacantes remotos  provocar una denegaci\u00f3n de servicio (consumo de memoria y CPU) a trav\u00e9s de un fichero .ag manipulado."
    }
  ],
  "evaluatorComment": "IBM description: http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453\r\n\r\nSymantec description:\r\nhttp://www.symantec.com/avcenter/security/Content/2008.04.08e.html",
  "id": "CVE-2007-5406",
  "lastModified": "2024-11-21T00:37:49.543",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-04-10T18:05:00.000",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27763"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28140"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29342"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-95/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-96/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-97/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-98/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://securitytracker.com/id?1019805"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1019844"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1154"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41722"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27763"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29342"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-95/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-96/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-97/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-98/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019844"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41722"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-10 02:46

Modified

2024-11-21 00:38

Severity ?

Summary

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/27304	Patch, Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/3357
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html
cve@mitre.org	http://securitytracker.com/id?1018853
cve@mitre.org	http://securitytracker.com/id?1018886
cve@mitre.org	http://vuln.sg/lotusnotes702-en.html
cve@mitre.org	http://vuln.sg/lotusnotes702doc-en.html
cve@mitre.org	http://vuln.sg/lotusnotes702mif-en.html
cve@mitre.org	http://vuln.sg/lotusnotes702sam-en.html
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21272836
cve@mitre.org	http://www.securityfocus.com/archive/1/482664
cve@mitre.org	http://www.securityfocus.com/archive/1/483102/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/26175	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3596
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3697
cve@mitre.org	http://www.zerodayinitiative.com/advisories/ZDI-07-059.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27304	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3357
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018853
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018886
af854a3a-2127-422b-91ae-364da2661108	http://vuln.sg/lotusnotes702-en.html
af854a3a-2127-422b-91ae-364da2661108	http://vuln.sg/lotusnotes702doc-en.html
af854a3a-2127-422b-91ae-364da2661108	http://vuln.sg/lotusnotes702mif-en.html
af854a3a-2127-422b-91ae-364da2661108	http://vuln.sg/lotusnotes702sam-en.html
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21272836
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/482664
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/483102/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26175	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3596
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3697
af854a3a-2127-422b-91ae-364da2661108	http://www.zerodayinitiative.com/advisories/ZDI-07-059.html

Impacted products

Vendor	Product	Version
activepdf	docconverter	3.8.2_.5
autonomy	keyview_export_sdk	*
autonomy	keyview_filter_sdk	*
autonomy	keyview_viewer_sdk	*
ibm	lotus_notes	*
symantec	mail_security	5.0
symantec	mail_security	5.0
symantec	mail_security	5.0.0
symantec	mail_security	5.0.0.24
symantec	mail_security	5.0.1
symantec	mail_security	7.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:activepdf:docconverter:3.8.2_.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D165E31-F294-4F7E-959F-7AFE69AF90A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "872E3116-26DC-492D-94EA-7BE531299FF8",
              "versionEndIncluding": "9.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07FFE40A-6A96-4131-B537-8A4D8C1494AD",
              "versionEndIncluding": "9.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9E88061-F0E3-4CA9-8FCE-4B69FE4F3844",
              "versionEndIncluding": "9.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61B72CC-BC8D-40AF-AE72-5A6EEFB53B10",
              "versionEndIncluding": "7.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*",
              "matchCriteriaId": "0648861C-A58E-4103-8720-4480C2F098FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*",
              "matchCriteriaId": "977786AB-A76C-4A1C-8999-BF4A5E08F8BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*",
              "matchCriteriaId": "7D29BE63-3E26-4136-BAB1-AA3D50BA71F5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll.  NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en el Autonomy (antiguamente Verity) KeyView Viewer, en el Filter y en el Export SDK anterior al 9.2.0.12, como el utilizado en el ActivePDF DocConverter, en el IBM Lotus Notes anterior al 7.0.3, en el Symantec Mail Security y en otros productos, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de modificaciones en (1) el fichero AG del kpagrdr.dll, (2) en el fichero AW del awsr.dll, (3) en el fichero DLL o el (4) EXE del exesr.dll, (5) en el fichero DOC del mwsr.dll, (6) en el fichero MIF del mifsr.dll, (7) en el fichero SAM del lasr.dll o (8) en el fichero RTF del rtfsr.dll. NOTA: el vector WPD (wp6sr.dll) se trata en la vulnerabilidad CVE-2007-5910."
    }
  ],
  "id": "CVE-2007-5909",
  "lastModified": "2024-11-21T00:38:55.323",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-11-10T02:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27304"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3357"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018853"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018886"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://vuln.sg/lotusnotes702-en.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://vuln.sg/lotusnotes702doc-en.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://vuln.sg/lotusnotes702mif-en.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://vuln.sg/lotusnotes702sam-en.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/482664"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/483102/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26175"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3596"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3697"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3357"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018853"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018886"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://vuln.sg/lotusnotes702-en.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://vuln.sg/lotusnotes702doc-en.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://vuln.sg/lotusnotes702mif-en.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://vuln.sg/lotusnotes702sam-en.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/482664"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/483102/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-05-31 20:55

Modified

2024-11-21 01:25

Severity ?

Summary

Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=905
cve@mitre.org	http://secunia.com/advisories/44624	Vendor Advisory
cve@mitre.org	http://www.ibm.com/support/docview.wss?uid=swg21500034	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/47962
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/67621
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14309
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=905
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44624	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21500034	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/47962
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/67621
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14309

Impacted products

Vendor	Product	Version
ibm	lotus_notes	*
ibm	lotus_notes	3.0
ibm	lotus_notes	3.0.0.1
ibm	lotus_notes	3.0.0.2
ibm	lotus_notes	4.2
ibm	lotus_notes	4.2.1
ibm	lotus_notes	4.2.2
ibm	lotus_notes	4.5
ibm	lotus_notes	4.6
ibm	lotus_notes	4.6.7a
ibm	lotus_notes	4.6.7h
ibm	lotus_notes	5.0
ibm	lotus_notes	5.0.1
ibm	lotus_notes	5.0.1.02
ibm	lotus_notes	5.0.1a
ibm	lotus_notes	5.0.1b
ibm	lotus_notes	5.0.1c
ibm	lotus_notes	5.0.2
ibm	lotus_notes	5.0.2a
ibm	lotus_notes	5.0.2b
ibm	lotus_notes	5.0.2c
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.4
ibm	lotus_notes	5.0.4a
ibm	lotus_notes	5.0.5
ibm	lotus_notes	5.0.5.01
ibm	lotus_notes	5.0.5.02
ibm	lotus_notes	5.0.6
ibm	lotus_notes	5.0.6a
ibm	lotus_notes	5.0.6a.01
ibm	lotus_notes	5.0.7
ibm	lotus_notes	5.0.7a
ibm	lotus_notes	5.0.8
ibm	lotus_notes	5.0.9
ibm	lotus_notes	5.0.9a
ibm	lotus_notes	5.0.10
ibm	lotus_notes	5.0.11
ibm	lotus_notes	5.0.12
ibm	lotus_notes	5.0a
ibm	lotus_notes	5.02
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.3.1
ibm	lotus_notes	6.5.4
ibm	lotus_notes	6.5.4.1
ibm	lotus_notes	6.5.4.2
ibm	lotus_notes	6.5.4.3
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5.1
ibm	lotus_notes	6.5.5.2
ibm	lotus_notes	6.5.5.3
ibm	lotus_notes	6.5.6
ibm	lotus_notes	6.5.6.1
ibm	lotus_notes	6.5.6.2
ibm	lotus_notes	6.5.6.3
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.0
ibm	lotus_notes	7.0.1
ibm	lotus_notes	7.0.1.1
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.2.1
ibm	lotus_notes	7.0.2.2
ibm	lotus_notes	7.0.2.3
ibm	lotus_notes	7.0.3
ibm	lotus_notes	7.0.3.1
ibm	lotus_notes	7.0.4
ibm	lotus_notes	7.0.4.0
ibm	lotus_notes	7.0.4.1
ibm	lotus_notes	7.0.4.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F06E9E8E-9A82-4665-A848-5E0BAD141A1C",
              "versionEndIncluding": "8.5.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "024E3378-AB78-41CE-8BE3-CB26F0FCC6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D68592-A475-4D35-8A8F-5A4EEDA5A1A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9727C084-8043-43D7-9BF3-1D49BBA33772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9409A77C-1927-4C1C-945A-10F8CD8DB287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE08605F-643F-4562-934E-CA46DF3CE57C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE78A5CE-28D9-47AB-9831-F4C0F0843EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8376F4C1-44AE-42A8-A087-E3845FD2A0A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A697B26-0600-416A-B0FA-BE031EB6D8A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2851AFEE-2598-4CDC-A1B3-D119A647F4B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7h:*:*:*:*:*:*:*",
              "matchCriteriaId": "B730F1C4-2A7C-4305-BEA1-4BA1F1B1F955",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987940E-0F70-4C0F-AB8D-A52934B33777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBEDCC0A-FCA0-45C2-B202-BF9F90739893",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "A25DD7B4-A33F-4810-84C1-D8C57D044769",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "924FC755-DF96-4E83-92DB-BD3877E226A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8EC2158-C008-4AD0-85A5-6B4A210A7752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F3715F6-F157-4BF2-80C3-DC5366C0F5DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2c:*:*:*:*:*:*:*",
              "matchCriteriaId": "89111665-4C64-46A5-955D-DB5A2A73E6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "77636603-5AEA-475A-9BB7-3C38198A0327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF14DAF5-D52A-4B59-B67A-7878C2A8431D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "8001558A-B47D-420C-9275-979A06D03572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8809E947-43E1-4D92-A5A5-63FEDBF12318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE790A9-912C-444C-B4B0-BEB212DC4B9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "2171E8CD-F42A-41A9-A03D-74BE1DF9040F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "21212C5E-A5AB-4080-84A3-603F0425D4CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F21BD9-A01D-4D3C-831F-80A966F7CF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "32646B3D-C8C6-4325-8546-38A79EF3446A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "312EAEC3-1E31-48E1-8729-E7AF338F608D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "46196D69-B5FE-49ED-8032-54B4470487EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD51B7AD-1523-4BF4-8DFF-54D5F9A0E66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "63ABBCF5-A164-458F-A8C6-75FC6CFE101B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "A174D36F-A4F0-4FE0-AAD7-F57E93BB3805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf3:*:*:*:*:*:*",
              "matchCriteriaId": "8EB4A3EA-DD4C-4E98-8E3A-487F0AE9AED0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "0CB2FAA8-176F-4AA2-ADFA-F4401C76BB15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "FEEA994A-F8B6-4A0D-8FCD-ED63F83DDA18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82322774-CEB9-41FD-9319-AE0716EF28CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34625785-9560-4496-9426-BBEE35F6E52C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5C60350-0731-477D-B280-24109509E7B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCF51F97-14D8-4AC6-B26E-AE9306EAF3AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "006C226E-E9CA-4999-B6D4-5DBABF99A4B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9203EC38-2DFD-4259-B636-F9E38AE5AA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C6EF122-510F-4B6D-B2F3-DFD5E8FB76C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1581AEE3-F127-44D8-AA95-6408D9D919A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAEF2C65-215E-4900-8054-BC35DFA0BDF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE1176C-39C3-4ED6-9689-4107B546F248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E016DE-149E-41CD-856E-7B3EE8B0702C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1AD22A1-A85C-4755-97CB-6B946E1DBE0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AF1B57-680B-45E5-9991-83DDE4634EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC128482-5AA3-43D9-AE5F-154E8485F699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2837D777-5C59-4335-A4BC-611397D1D1AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F5FB91-53EE-47BA-84B7-49CE9D83C8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9D74FC-8F26-4D1A-B02B-C4037FF8388A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E0DFE2-22CA-40AE-8CDB-EF5EEE1E6F54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AD640D-BFDC-4E27-BF8B-4FE35DE87890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB38591-F55A-48B2-AD52-FF266D19BB97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en rtfsr.dll en Autonomy KeyView, tal como se utiliza en IBM Lotus Notes antes de v8.5.2 FP3, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un enlace a manipulado en un archivo .rtf adjunto, tambi\u00e9n conocido como SPR PRAD8823JQ."
    }
  ],
  "id": "CVE-2011-1214",
  "lastModified": "2024-11-21T01:25:48.750",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-05-31T20:55:01.983",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=905"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67621"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14309"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-05-31 20:55

Modified

2024-11-21 01:25

Severity ?

Summary

Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/44624	Vendor Advisory
cve@mitre.org	http://www.ibm.com/support/docview.wss?uid=swg21500034
cve@mitre.org	http://www.securityfocus.com/bid/47962
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/67625
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14238
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44624	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21500034
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/47962
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/67625
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14238

Impacted products

Vendor	Product	Version
autonomy	keyview	*
ibm	lotus_notes	*
ibm	lotus_notes	3.0
ibm	lotus_notes	3.0.0.1
ibm	lotus_notes	3.0.0.2
ibm	lotus_notes	4.2
ibm	lotus_notes	4.2.1
ibm	lotus_notes	4.2.2
ibm	lotus_notes	4.5
ibm	lotus_notes	4.6
ibm	lotus_notes	4.6.7a
ibm	lotus_notes	4.6.7h
ibm	lotus_notes	5.0
ibm	lotus_notes	5.0.1
ibm	lotus_notes	5.0.1.02
ibm	lotus_notes	5.0.1a
ibm	lotus_notes	5.0.1b
ibm	lotus_notes	5.0.1c
ibm	lotus_notes	5.0.2
ibm	lotus_notes	5.0.2a
ibm	lotus_notes	5.0.2b
ibm	lotus_notes	5.0.2c
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.4
ibm	lotus_notes	5.0.4a
ibm	lotus_notes	5.0.5
ibm	lotus_notes	5.0.5.01
ibm	lotus_notes	5.0.5.02
ibm	lotus_notes	5.0.6
ibm	lotus_notes	5.0.6a
ibm	lotus_notes	5.0.6a.01
ibm	lotus_notes	5.0.7
ibm	lotus_notes	5.0.7a
ibm	lotus_notes	5.0.8
ibm	lotus_notes	5.0.9
ibm	lotus_notes	5.0.9a
ibm	lotus_notes	5.0.10
ibm	lotus_notes	5.0.11
ibm	lotus_notes	5.0.12
ibm	lotus_notes	5.0a
ibm	lotus_notes	5.02
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.3.1
ibm	lotus_notes	6.5.4
ibm	lotus_notes	6.5.4.1
ibm	lotus_notes	6.5.4.2
ibm	lotus_notes	6.5.4.3
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5.1
ibm	lotus_notes	6.5.5.2
ibm	lotus_notes	6.5.5.3
ibm	lotus_notes	6.5.6
ibm	lotus_notes	6.5.6.1
ibm	lotus_notes	6.5.6.2
ibm	lotus_notes	6.5.6.3
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.0
ibm	lotus_notes	7.0.1
ibm	lotus_notes	7.0.1.1
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.2.1
ibm	lotus_notes	7.0.2.2
ibm	lotus_notes	7.0.2.3
ibm	lotus_notes	7.0.3
ibm	lotus_notes	7.0.3.1
ibm	lotus_notes	7.0.4
ibm	lotus_notes	7.0.4.0
ibm	lotus_notes	7.0.4.1
ibm	lotus_notes	7.0.4.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A31DE25-F7B5-4AEA-B870-2B852F4FD8A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F06E9E8E-9A82-4665-A848-5E0BAD141A1C",
              "versionEndIncluding": "8.5.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "024E3378-AB78-41CE-8BE3-CB26F0FCC6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D68592-A475-4D35-8A8F-5A4EEDA5A1A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9727C084-8043-43D7-9BF3-1D49BBA33772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9409A77C-1927-4C1C-945A-10F8CD8DB287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE08605F-643F-4562-934E-CA46DF3CE57C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE78A5CE-28D9-47AB-9831-F4C0F0843EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8376F4C1-44AE-42A8-A087-E3845FD2A0A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A697B26-0600-416A-B0FA-BE031EB6D8A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2851AFEE-2598-4CDC-A1B3-D119A647F4B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7h:*:*:*:*:*:*:*",
              "matchCriteriaId": "B730F1C4-2A7C-4305-BEA1-4BA1F1B1F955",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987940E-0F70-4C0F-AB8D-A52934B33777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBEDCC0A-FCA0-45C2-B202-BF9F90739893",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "A25DD7B4-A33F-4810-84C1-D8C57D044769",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "924FC755-DF96-4E83-92DB-BD3877E226A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8EC2158-C008-4AD0-85A5-6B4A210A7752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F3715F6-F157-4BF2-80C3-DC5366C0F5DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2c:*:*:*:*:*:*:*",
              "matchCriteriaId": "89111665-4C64-46A5-955D-DB5A2A73E6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "77636603-5AEA-475A-9BB7-3C38198A0327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF14DAF5-D52A-4B59-B67A-7878C2A8431D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "8001558A-B47D-420C-9275-979A06D03572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8809E947-43E1-4D92-A5A5-63FEDBF12318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE790A9-912C-444C-B4B0-BEB212DC4B9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "2171E8CD-F42A-41A9-A03D-74BE1DF9040F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "21212C5E-A5AB-4080-84A3-603F0425D4CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F21BD9-A01D-4D3C-831F-80A966F7CF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "32646B3D-C8C6-4325-8546-38A79EF3446A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "312EAEC3-1E31-48E1-8729-E7AF338F608D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "46196D69-B5FE-49ED-8032-54B4470487EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD51B7AD-1523-4BF4-8DFF-54D5F9A0E66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "63ABBCF5-A164-458F-A8C6-75FC6CFE101B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "A174D36F-A4F0-4FE0-AAD7-F57E93BB3805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf3:*:*:*:*:*:*",
              "matchCriteriaId": "8EB4A3EA-DD4C-4E98-8E3A-487F0AE9AED0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "0CB2FAA8-176F-4AA2-ADFA-F4401C76BB15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "FEEA994A-F8B6-4A0D-8FCD-ED63F83DDA18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82322774-CEB9-41FD-9319-AE0716EF28CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34625785-9560-4496-9426-BBEE35F6E52C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5C60350-0731-477D-B280-24109509E7B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCF51F97-14D8-4AC6-B26E-AE9306EAF3AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "006C226E-E9CA-4999-B6D4-5DBABF99A4B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9203EC38-2DFD-4259-B636-F9E38AE5AA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C6EF122-510F-4B6D-B2F3-DFD5E8FB76C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1581AEE3-F127-44D8-AA95-6408D9D919A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAEF2C65-215E-4900-8054-BC35DFA0BDF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE1176C-39C3-4ED6-9689-4107B546F248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E016DE-149E-41CD-856E-7B3EE8B0702C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1AD22A1-A85C-4755-97CB-6B946E1DBE0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AF1B57-680B-45E5-9991-83DDE4634EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC128482-5AA3-43D9-AE5F-154E8485F699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2837D777-5C59-4335-A4BC-611397D1D1AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F5FB91-53EE-47BA-84B7-49CE9D83C8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9D74FC-8F26-4D1A-B02B-C4037FF8388A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E0DFE2-22CA-40AE-8CDB-EF5EEE1E6F54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AD640D-BFDC-4E27-BF8B-4FE35DE87890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB38591-F55A-48B2-AD52-FF266D19BB97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer en kvarcve.dll de Autonomy KeyView, como es utilizado en IBM Lotus Notes en versiones anteriores a la 8.5.2 FP3, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un adjunto .zip modificado. Tambi\u00e9n conocido como SPR PRAD8E3NSP. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceras partes."
    }
  ],
  "id": "CVE-2011-1218",
  "lastModified": "2024-11-21T01:25:49.393",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-05-31T20:55:02.140",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67625"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14238"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67625"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14238"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-06 05:00

Modified

2024-11-20 23:48

Severity ?

Summary

Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=108843896506099&w=2	Third Party Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=475/context=SSKTWP&uid=swg21169510	Broken Link, Patch, Vendor Advisory
cve@mitre.org	http://www.idefense.com/application/poi/display?id=111&type=vulnerabilities	Broken Link, Exploit, Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/10600	Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16496	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=108843896506099&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=475/context=SSKTWP&uid=swg21169510	Broken Link, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.idefense.com/application/poi/display?id=111&type=vulnerabilities	Broken Link, Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10600	Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16496	Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	6.0.3
	ibm	lotus_notes	6.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de inyecci\u00f3n de argumentos en IBM Lotus Notes 6.0.3 y 6.5 permite a atacantes remotos ejecutar c\u00f3digo de su eleccion mediante una URI notes: que usa un nombre de ruta de red UNC para proveer un fichero de configuraci\u00f3n notes.ini alternativo a notes.exe."
    }
  ],
  "id": "CVE-2004-0480",
  "lastModified": "2024-11-20T23:48:40.663",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-06T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=108843896506099\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475/context=SSKTWP\u0026uid=swg21169510"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=111\u0026type=vulnerabilities"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Patch",
        "Third Party Advisory",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10600"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16496"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=108843896506099\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475/context=SSKTWP\u0026uid=swg21169510"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/application/poi/display?id=111\u0026type=vulnerabilities"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch",
        "Third Party Advisory",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10600"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16496"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-88"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2009-09-01 16:30

Modified

2024-11-21 01:06

Severity ?

Summary

Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/36472	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/36474	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21396492	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/36042
cve@mitre.org	http://www.securityfocus.com/bid/36124
cve@mitre.org	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090825_00
cve@mitre.org	http://www.vupen.com/english/advisories/2009/2389	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36472	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36474	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21396492	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36042
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36124
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090825_00
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/2389	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	lotus_notes	5.0
ibm	lotus_notes	5.0.1
ibm	lotus_notes	5.0.2
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.4
ibm	lotus_notes	5.0.5
ibm	lotus_notes	5.0.6
ibm	lotus_notes	5.0.9a
ibm	lotus_notes	5.0.10
ibm	lotus_notes	5.0.11
ibm	lotus_notes	5.0.12
ibm	lotus_notes	5.02
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.4
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.6
ibm	lotus_notes	6.5.6
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.0
ibm	lotus_notes	7.0.1
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.3
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.5
symantec	brightmail_appliance	5.0
symantec	brightmail_appliance	8.0.0
symantec	brightmail_appliance	8.0.1
symantec	data_loss_prevention_detection_servers	7.2
symantec	data_loss_prevention_detection_servers	8.1.1
symantec	data_loss_prevention_detection_servers	8.1.1
symantec	data_loss_prevention_detection_servers	9.0.1
symantec	data_loss_prevention_detection_servers	9.0.1
symantec	data_loss_prevention_endpoint_agents	8.1.1
symantec	data_loss_prevention_endpoint_agents	9.0.1
symantec	mail_security	5.0
symantec	mail_security	5.0.0
symantec	mail_security	5.0.1
symantec	mail_security	5.0.1.181
symantec	mail_security	5.0.1.182
symantec	mail_security	5.0.1.189
symantec	mail_security	5.0.1.200
symantec	mail_security	5.0.10
symantec	mail_security	5.0.11
symantec	mail_security	5.0.12
symantec	mail_security	6.0.6
symantec	mail_security	6.0.7
symantec	mail_security	6.0.8
symantec	mail_security	7.5.3.25
symantec	mail_security	7.5.4.29
symantec	mail_security	7.5.5.32
symantec	mail_security	7.5.6
symantec	mail_security	8.0
symantec	mail_security_appliance	5.0
symantec	mail_security_appliance	5.0.0.24
symantec	mail_security_appliance	5.0.0.36
autonomy	keyview	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8809E947-43E1-4D92-A5A5-63FEDBF12318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD51B7AD-1523-4BF4-8DFF-54D5F9A0E66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "F8B5BF9A-F8A7-4C2B-B093-8226D0ED1425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:fp3:*:*:*:*:*",
              "matchCriteriaId": "04CB50C2-2B01-4A68-BE96-1127B9954F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "66D334E1-9326-4D0A-8D87-572F3E6B44BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:fp1:*:*:*:*:*",
              "matchCriteriaId": "5614CD60-7690-47E6-AEB3-FB0151EB264C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:brightmail_appliance:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF63CB53-00F5-42F5-B2AC-A0B02DB9B636",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:brightmail_appliance:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AA56769-FBFE-4546-8672-5FB3BADF939F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:brightmail_appliance:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0E09688-A7FA-496B-AA03-D211BF09FA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "34D947D4-2750-4C73-8CEA-6F9BF3DA5C0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "D804B423-8990-497F-9FB8-86E3D06F4F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "6A13CD3B-0529-43E4-A4F8-96B5180B0DA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "5D92BC1D-E75F-420E-A2DB-DBFC07508A2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "ED4D0804-7AE2-45D6-AAD5-F70C14354BBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "14920820-3D26-4AC4-839E-531ABA6933A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA274AFE-D535-4683-964A-FBCBF2D1291E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "96E660E2-C0F9-499F-A01D-DB368179F28F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.200:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "0117D61C-DEE6-4803-9CF8-27EEBAA493CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.10:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "5BF163AF-E470-492A-940C-B2FB37AA2322",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "868EFAF0-F5FA-46EB-99CC-19C1DAF06954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "0026CDBB-92E2-45DE-9637-F18224CE3E6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "12AC5934-DAC3-4866-B31F-71EC14F42CED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "A7604B25-6AA0-4814-A8D4-780811A247B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
              "matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*",
              "matchCriteriaId": "6EAB0E10-A62F-42DB-BA86-FBFCFCF0E13D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
              "matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*",
              "matchCriteriaId": "5D04308D-D372-4760-B67F-A25DEEDF52E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*",
              "matchCriteriaId": "2ABC5ED9-168A-4420-9286-179345BD89DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA92128-13DD-47D8-8822-23C4CDDFB715",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "B00BFCE1-D01F-408C-931B-A19BC472124B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0.0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A5F6573-0FF1-4660-A9B9-5C6696525C82",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A31DE25-F7B5-4AEA-B870-2B852F4FD8A3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en xlssr.dll en Autonomy KeyView XLS viewer(tambi\u00e9n conocido como File Viewer para Excel)usado en IBM Lotus Notes v5.x hasta v8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), y otros productos, permite a atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de una manipulaci\u00f3n de la hoja de c\u00e1lculo .xls adjunta."
    }
  ],
  "id": "CVE-2009-3037",
  "lastModified": "2024-11-21T01:06:22.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-09-01T16:30:00.767",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36472"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36474"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/36042"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/36124"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36472"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36474"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/36042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/36124"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2389"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-03-09 02:44

Modified

2024-11-21 00:40

Severity ?

Summary

Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP.

References

URL	Tags
cve@mitre.org	http://osvdb.org/40956
cve@mitre.org	http://secunia.com/advisories/27279	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1019464
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21271957
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3597
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/40956
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27279	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019464
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21271957
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3597

Impacted products

Vendor	Product	Version
ibm	lotus_notes	*
ibm	lotus_notes	6.5
ibm	lotus_notes	8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61B72CC-BC8D-40AF-AE72-5A6EEFB53B10",
              "versionEndIncluding": "7.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en nlnotes.dll en el cliente de IBM Lotus Notes 6.5, 7.0.x antes de 7.0.2 CCH or 7.0.3, y posiblemente 8.0 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un texto manipulado en un email enviado por SMTP."
    }
  ],
  "id": "CVE-2007-6706",
  "lastModified": "2024-11-21T00:40:48.740",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-03-09T02:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/40956"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27279"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019464"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3597"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/40956"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27279"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019464"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3597"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-01-11 00:55

Modified

2024-11-21 01:43

Severity ?

Summary

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.

References

URL	Tags
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
psirt@us.ibm.com	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51326	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51634	Third Party Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/78765	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51326	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51634	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/78765	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	java	*
ibm	java	*
ibm	java	*
ibm	java	*
ibm	lotus_domino	8.0
ibm	lotus_domino	8.0.1
ibm	lotus_domino	8.0.2
ibm	lotus_domino	8.0.2.1
ibm	lotus_domino	8.0.2.2
ibm	lotus_domino	8.0.2.3
ibm	lotus_domino	8.0.2.4
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.4
ibm	lotus_notes_sametime	8.0.80407
ibm	lotus_notes_sametime	8.0.80822
ibm	lotus_notes_sametime	8.5.1.20100709-1631
ibm	lotus_notes_traveler	8.0
ibm	lotus_notes_traveler	8.0.1
ibm	lotus_notes_traveler	8.0.1.2
ibm	lotus_notes_traveler	8.0.1.3
ibm	lotus_notes_traveler	8.5.0.0
ibm	lotus_notes_traveler	8.5.0.1
ibm	lotus_notes_traveler	8.5.0.2
ibm	lotus_notes_traveler	8.5.1.1
ibm	lotus_notes_traveler	8.5.1.2
ibm	lotus_notes_traveler	8.5.1.3
ibm	lotus_notes_traveler	8.5.2.1
ibm	lotus_notes_traveler	8.5.3
ibm	lotus_notes_traveler	8.5.3.1
ibm	lotus_notes_traveler	8.5.3.2
ibm	lotus_notes_traveler	8.5.3.3
ibm	lotus_notes_traveler	8.5.3.3
ibm	rational_change	4.7
ibm	rational_change	5.1
ibm	rational_change	5.2
ibm	rational_change	5.3
ibm	rational_host_on-demand	1.6.0.12
ibm	rational_host_on-demand	8.0.8.0
ibm	rational_host_on-demand	9.0.8.0
ibm	rational_host_on-demand	10.0.9.0
ibm	rational_host_on-demand	10.0.10.0
ibm	rational_host_on-demand	11.0.3.0
ibm	rational_host_on-demand	11.0.4.0
ibm	rational_host_on-demand	11.0.5.0
ibm	rational_host_on-demand	11.0.5.1
ibm	rational_host_on-demand	11.0.6.0
ibm	rational_host_on-demand	11.0.6.1
ibm	service_delivery_manager	7.2.1.0
ibm	service_delivery_manager	7.2.2.0
ibm	smart_analytics_system_5600_software	-
ibm	smart_analytics_system_5600_software	9.7
ibm	tivoli_monitoring	6.1.0
ibm	tivoli_monitoring	6.1.0.7
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.0
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.0
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.0
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_remote_control	5.1.2
ibm	websphere_real_time	2.0
ibm	websphere_real_time	3.0
tivoli_storage_productivity_center	5.0	*
tivoli_storage_productivity_center	5.1	*
tivoli_storage_productivity_center	5.1.1	*
ibm	smart_analytics_system_5600	7200

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
              "versionEndIncluding": "1.4.2.13.13",
              "versionStartIncluding": "1.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
              "versionEndIncluding": "5.0.14.0",
              "versionStartIncluding": "5.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
              "versionEndIncluding": "6.0.11.0",
              "versionStartIncluding": "6.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
              "versionEndIncluding": "7.0.2.0",
              "versionStartIncluding": "7.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
              "matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
              "matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via \"insecure use\" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades no especificadas en el componente JRE en IBM Java 7 SR2 y anteriores, Java v6.0.1 SR3 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores; como las usadas en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, y Service Deliver Manager; y otros productos de otros vendedores como Red Hat, permite a atacantes remotos a ejecutar c\u00f3digo trav\u00e9s de vectores relacionados con \"uso inseguro\" de m\u00e9todos (1) java.lang.Class getDeclaredMethods o (2) java.lang.reflect.AccessibleObject setAccessible()."
    }
  ],
  "id": "CVE-2012-4821",
  "lastModified": "2024-11-21T01:43:33.683",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-01-11T00:55:01.027",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-05-31 20:55

Modified

2024-11-21 01:25

Severity ?

Summary

Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906
cve@mitre.org	http://secunia.com/advisories/44624	Vendor Advisory
cve@mitre.org	http://www.ibm.com/support/docview.wss?uid=swg21500034
cve@mitre.org	http://www.securityfocus.com/bid/47962
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/67622
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44624	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21500034
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/47962
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/67622
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650

Impacted products

Vendor	Product	Version
ibm	lotus_notes	*
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.0
ibm	lotus_notes	7.0.1
ibm	lotus_notes	7.0.1.1
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.2.1
ibm	lotus_notes	7.0.2.2
ibm	lotus_notes	7.0.2.3
ibm	lotus_notes	7.0.3
ibm	lotus_notes	7.0.3.1
ibm	lotus_notes	7.0.4
ibm	lotus_notes	7.0.4.1
ibm	lotus_notes	7.0.4.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F06E9E8E-9A82-4665-A848-5E0BAD141A1C",
              "versionEndIncluding": "8.5.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1AD22A1-A85C-4755-97CB-6B946E1DBE0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AF1B57-680B-45E5-9991-83DDE4634EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC128482-5AA3-43D9-AE5F-154E8485F699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2837D777-5C59-4335-A4BC-611397D1D1AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F5FB91-53EE-47BA-84B7-49CE9D83C8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9D74FC-8F26-4D1A-B02B-C4037FF8388A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AD640D-BFDC-4E27-BF8B-4FE35DE87890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB38591-F55A-48B2-AD52-FF266D19BB97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en mw8sr.dll en Autonomy KeyView, tal como se utiliza en IBM Lotus Notes antes de v8.5.2 FP3, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un enlace manipulado en un archivo adjunto de documento de Microsoft Office, tambi\u00e9n conocido como SPR PRAD8823ND."
    }
  ],
  "id": "CVE-2011-1215",
  "lastModified": "2024-11-21T01:25:48.910",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-05-31T20:55:02.030",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67622"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-02-08 22:00

Modified

2024-11-21 01:25

Severity ?

Summary

Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP5 allows remote attackers to execute arbitrary code via a cai:// URL containing a --launcher.library option that specifies a UNC share pathname for a DLL file, aka SPR PRAD82YJW2.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/43222	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21461514	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2011/0295	Vendor Advisory
cve@mitre.org	http://zerodayinitiative.com/advisories/ZDI-11-051/
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14348
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43222	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21461514	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0295	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://zerodayinitiative.com/advisories/ZDI-11-051/
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14348

Impacted products

Vendor	Product	Version
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP5 allows remote attackers to execute arbitrary code via a cai:// URL containing a --launcher.library option that specifies a UNC share pathname for a DLL file, aka SPR PRAD82YJW2."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de inyecci\u00f3n de argumentos en Lotus Notes de IBM versiones 8.0.x anteriores a 8.0.2 FP6 y versiones 8.5.x anteriores a 8.5.1 FP5, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una URL cai:// que contiene una opci\u00f3n --launcher.library que especifica un nombre de ruta (path) de recurso compartido UNC para un archivo DLL, tambi\u00e9n se conoce como SPR PRAD82YJW2."
    }
  ],
  "id": "CVE-2011-0912",
  "lastModified": "2024-11-21T01:25:08.870",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-02-08T22:00:02.367",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43222"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21461514"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0295"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://zerodayinitiative.com/advisories/ZDI-11-051/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14348"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21461514"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2011/0295"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://zerodayinitiative.com/advisories/ZDI-11-051/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14348"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2018-07-16 14:29

Modified

2024-11-21 01:47

Severity ?

7.0 (High) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531.

References

URL	Tags
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/82531	VDB Entry, Vendor Advisory
psirt@us.ibm.com	https://www-01.ibm.com/support/docview.wss?uid=swg21634508	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/82531	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www-01.ibm.com/support/docview.wss?uid=swg21634508	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.2
ibm	lotus_notes	8.5.3
ibm	lotus_notes	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F13424F2-99E7-4CAA-B20A-0CFEECB8AF75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3909D1D3-DA30-46FE-8252-F44778766552",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531."
    },
    {
      "lang": "es",
      "value": "La caracter\u00edstica Notes Client Single Logon en IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 y 9.0 en Windows permite que usuarios locales descubran contrase\u00f1as mediante vectores relacionados con un mecanismo de comunicaci\u00f3n de un sistema operativo no especificado para la transmisi\u00f3n de contrase\u00f1as entre Windows y Notes. IBM X-Force ID: 82531."
    }
  ],
  "id": "CVE-2013-0522",
  "lastModified": "2024-11-21T01:47:43.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.9,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-07-16T14:29:00.277",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82531"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21634508"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82531"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21634508"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-05-31 20:55

Modified

2024-11-21 01:25

Severity ?

Summary

Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907
cve@mitre.org	http://secunia.com/advisories/44624	Vendor Advisory
cve@mitre.org	http://www.ibm.com/support/docview.wss?uid=swg21500034
cve@mitre.org	http://www.securityfocus.com/bid/47962
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/67623
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44624	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21500034
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/47962
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/67623
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796

Impacted products

Vendor	Product	Version
ibm	lotus_notes	*
ibm	lotus_notes	3.0
ibm	lotus_notes	3.0.0.1
ibm	lotus_notes	3.0.0.2
ibm	lotus_notes	4.2
ibm	lotus_notes	4.2.1
ibm	lotus_notes	4.2.2
ibm	lotus_notes	4.5
ibm	lotus_notes	4.6
ibm	lotus_notes	4.6.7a
ibm	lotus_notes	4.6.7h
ibm	lotus_notes	5.0
ibm	lotus_notes	5.0.1
ibm	lotus_notes	5.0.1.02
ibm	lotus_notes	5.0.1a
ibm	lotus_notes	5.0.1b
ibm	lotus_notes	5.0.1c
ibm	lotus_notes	5.0.2
ibm	lotus_notes	5.0.2a
ibm	lotus_notes	5.0.2b
ibm	lotus_notes	5.0.2c
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.4
ibm	lotus_notes	5.0.4a
ibm	lotus_notes	5.0.5
ibm	lotus_notes	5.0.5.01
ibm	lotus_notes	5.0.5.02
ibm	lotus_notes	5.0.6
ibm	lotus_notes	5.0.6a
ibm	lotus_notes	5.0.6a.01
ibm	lotus_notes	5.0.7
ibm	lotus_notes	5.0.7a
ibm	lotus_notes	5.0.8
ibm	lotus_notes	5.0.9
ibm	lotus_notes	5.0.9a
ibm	lotus_notes	5.0.10
ibm	lotus_notes	5.0.11
ibm	lotus_notes	5.0.12
ibm	lotus_notes	5.0a
ibm	lotus_notes	5.02
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.3.1
ibm	lotus_notes	6.5.4
ibm	lotus_notes	6.5.4.1
ibm	lotus_notes	6.5.4.2
ibm	lotus_notes	6.5.4.3
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5.1
ibm	lotus_notes	6.5.5.2
ibm	lotus_notes	6.5.5.3
ibm	lotus_notes	6.5.6
ibm	lotus_notes	6.5.6.1
ibm	lotus_notes	6.5.6.2
ibm	lotus_notes	6.5.6.3
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.0
ibm	lotus_notes	7.0.1
ibm	lotus_notes	7.0.1.1
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.2.1
ibm	lotus_notes	7.0.2.2
ibm	lotus_notes	7.0.2.3
ibm	lotus_notes	7.0.3
ibm	lotus_notes	7.0.3.1
ibm	lotus_notes	7.0.4
ibm	lotus_notes	7.0.4.0
ibm	lotus_notes	7.0.4.1
ibm	lotus_notes	7.0.4.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F06E9E8E-9A82-4665-A848-5E0BAD141A1C",
              "versionEndIncluding": "8.5.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "024E3378-AB78-41CE-8BE3-CB26F0FCC6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D68592-A475-4D35-8A8F-5A4EEDA5A1A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9727C084-8043-43D7-9BF3-1D49BBA33772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9409A77C-1927-4C1C-945A-10F8CD8DB287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE08605F-643F-4562-934E-CA46DF3CE57C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE78A5CE-28D9-47AB-9831-F4C0F0843EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8376F4C1-44AE-42A8-A087-E3845FD2A0A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A697B26-0600-416A-B0FA-BE031EB6D8A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2851AFEE-2598-4CDC-A1B3-D119A647F4B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7h:*:*:*:*:*:*:*",
              "matchCriteriaId": "B730F1C4-2A7C-4305-BEA1-4BA1F1B1F955",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987940E-0F70-4C0F-AB8D-A52934B33777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBEDCC0A-FCA0-45C2-B202-BF9F90739893",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "A25DD7B4-A33F-4810-84C1-D8C57D044769",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "924FC755-DF96-4E83-92DB-BD3877E226A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8EC2158-C008-4AD0-85A5-6B4A210A7752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F3715F6-F157-4BF2-80C3-DC5366C0F5DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2c:*:*:*:*:*:*:*",
              "matchCriteriaId": "89111665-4C64-46A5-955D-DB5A2A73E6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "77636603-5AEA-475A-9BB7-3C38198A0327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF14DAF5-D52A-4B59-B67A-7878C2A8431D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "8001558A-B47D-420C-9275-979A06D03572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8809E947-43E1-4D92-A5A5-63FEDBF12318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE790A9-912C-444C-B4B0-BEB212DC4B9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "2171E8CD-F42A-41A9-A03D-74BE1DF9040F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "21212C5E-A5AB-4080-84A3-603F0425D4CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F21BD9-A01D-4D3C-831F-80A966F7CF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "32646B3D-C8C6-4325-8546-38A79EF3446A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "312EAEC3-1E31-48E1-8729-E7AF338F608D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "46196D69-B5FE-49ED-8032-54B4470487EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD51B7AD-1523-4BF4-8DFF-54D5F9A0E66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "63ABBCF5-A164-458F-A8C6-75FC6CFE101B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "A174D36F-A4F0-4FE0-AAD7-F57E93BB3805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf3:*:*:*:*:*:*",
              "matchCriteriaId": "8EB4A3EA-DD4C-4E98-8E3A-487F0AE9AED0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "0CB2FAA8-176F-4AA2-ADFA-F4401C76BB15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "FEEA994A-F8B6-4A0D-8FCD-ED63F83DDA18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82322774-CEB9-41FD-9319-AE0716EF28CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34625785-9560-4496-9426-BBEE35F6E52C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5C60350-0731-477D-B280-24109509E7B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCF51F97-14D8-4AC6-B26E-AE9306EAF3AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "006C226E-E9CA-4999-B6D4-5DBABF99A4B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9203EC38-2DFD-4259-B636-F9E38AE5AA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C6EF122-510F-4B6D-B2F3-DFD5E8FB76C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1581AEE3-F127-44D8-AA95-6408D9D919A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAEF2C65-215E-4900-8054-BC35DFA0BDF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE1176C-39C3-4ED6-9689-4107B546F248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E016DE-149E-41CD-856E-7B3EE8B0702C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1AD22A1-A85C-4755-97CB-6B946E1DBE0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AF1B57-680B-45E5-9991-83DDE4634EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC128482-5AA3-43D9-AE5F-154E8485F699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2837D777-5C59-4335-A4BC-611397D1D1AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F5FB91-53EE-47BA-84B7-49CE9D83C8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9D74FC-8F26-4D1A-B02B-C4037FF8388A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E0DFE2-22CA-40AE-8CDB-EF5EEE1E6F54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AD640D-BFDC-4E27-BF8B-4FE35DE87890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB38591-F55A-48B2-AD52-FF266D19BB97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer de pila en assr.dll de Autonomy KeyView, como es utilizado en IBM Lotus Notes en versiones anteriores a la 8.5.2 FP3, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de datos de etiqueta en un adjunto de hoja de c\u00e1lculo Applix. Tambi\u00e9n conocido como SPR PRAD8823A7."
    }
  ],
  "id": "CVE-2011-1216",
  "lastModified": "2024-11-21T01:25:49.060",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-05-31T20:55:02.063",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67623"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67623"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-20 23:59

Severity ?

Summary

Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/16100	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/16280	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/secunia_research/2005-30/advisory/	Vendor Advisory
cve@mitre.org	http://secunia.com/secunia_research/2005-66/advisory/	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1015657	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918	Patch
cve@mitre.org	http://www.osvdb.org/23066	Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/424717/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/16576
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0500
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24637
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/16100	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/16280	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2005-30/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2005-66/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015657	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/23066	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/424717/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16576
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0500
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24637

Impacted products

Vendor	Product	Version
autonomy	keyview_export_sdk	*
autonomy	keyview_filter_sdk	*
autonomy	keyview_viewer_sdk	*
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.4
ibm	lotus_notes	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4CD7AAC-E4E2-47E4-A34D-47C670FA6254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "754BD2C9-2100-4B21-B164-47487434D9E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6DDCD8-B9AD-4757-A067-CF99372D7326",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview."
    }
  ],
  "id": "CVE-2005-2619",
  "lastModified": "2024-11-20T23:59:58.973",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16100"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16280"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-30/advisory/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-66/advisory/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015657"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23066"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/424717/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/16576"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0500"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24637"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16100"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-30/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-66/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015657"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/424717/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/16576"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0500"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24637"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-05-03 04:00

Modified

2024-11-20 23:57

Severity ?

Summary

HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/14879	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1013839	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202437
cve@mitre.org	http://www.kb.cert.org/vuls/id/699798
cve@mitre.org	http://www.osvdb.org/15365
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/20045
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/14879	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1013839	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202437
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/699798
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/15365
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/20045

Impacted products

Vendor	Product	Version
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications."
    }
  ],
  "id": "CVE-2005-1405",
  "lastModified": "2024-11-20T23:57:16.790",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-05-03T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/14879"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1013839"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202437"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kb.cert.org/vuls/id/699798"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/15365"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/14879"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1013839"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202437"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kb.cert.org/vuls/id/699798"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/15365"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20045"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-04-10 18:05

Modified

2024-11-21 00:43

Severity ?

Summary

Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document.

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28140	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28209	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28210	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2008-12/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490826/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/28454
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1153
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1156
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/41725
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28140	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28209	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28210	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2008-12/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490826/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28454
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1153
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1156
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41725

Impacted products

Vendor	Product	Version
autonomy	keyview	2.0.0.2
autonomy	keyview	10.3.0.0
ibm	lotus_notes	6.0
ibm	lotus_notes	6.5
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:2.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6634684-2416-4A5C-A5C7-B1E946B33419",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:10.3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "589D3BC2-ED1F-4C5B-8F94-67AE1909580D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en el motor del visor de documentos KeyView de Autonomy (anteriormente Verity) KeyView, usado por IBM Lotus Notes 7.0.2 y 7.0.3, permite a atacantes remotos  ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un nombre de ruta largo, como se ha demostrado usando un atributo SRC largo en una etiqueta IMG de un documento HTML."
    }
  ],
  "id": "CVE-2008-1101",
  "lastModified": "2024-11-21T00:43:40.940",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-04-10T18:05:00.000",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28140"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-12/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490826/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-12/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490826/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41725"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-01-09 05:00

Modified

2024-11-20 23:34

Severity ?

Summary

Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=97370725220953&w=2
cve@mitre.org	http://www.securityfocus.com/bid/1925	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=97370725220953&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/1925	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	lotus_notes	*
ibm	lotus_notes	5.0
ibm	lotus_notes	5.0.1
ibm	lotus_notes	5.0.2
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "76033B86-850B-4028-AB50-7A4C45D9A560",
              "versionEndIncluding": "5.0.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected."
    }
  ],
  "id": "CVE-2000-1138",
  "lastModified": "2024-11-20T23:34:05.907",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-01-09T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=97370725220953\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1925"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=97370725220953\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1925"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-05-01 12:00

Modified

2024-11-21 01:47

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in an HTML e-mail message, aka SPRs JMOY95BLM6 and JMOY95BN49.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21633819	Vendor Advisory
psirt@us.ibm.com	http://www.kb.cert.org/vuls/id/912420	US Government Resource
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/83270
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21633819	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/912420	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/83270

Impacted products

Vendor	Product	Version
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.3.3
ibm	lotus_notes	9.0.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DBDF9A3-CFB2-42B3-B125-93B8A36E0ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "234A9059-B0DE-4BEB-ADC4-76F906D86ECC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in an HTML e-mail message, aka SPRs JMOY95BLM6 and JMOY95BN49."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad XSS en IBM Lotus Notes 8.x anterior a 8.5.3 FP4 Interim Fix 1 y 9.0 anterior a Interim Fix 1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de un elementro SCRIPT en un correo electr\u00f3nico HTML. Aka SPRs JMOY95BLM6 y JMOY95BN49."
    }
  ],
  "id": "CVE-2013-0538",
  "lastModified": "2024-11-21T01:47:44.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-05-01T12:00:07.873",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/912420"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83270"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/912420"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83270"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-01-09 05:00

Modified

2024-11-20 23:34

Severity ?

Summary

The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html	Broken Link
cve@mitre.org	http://www.securityfocus.com/bid/1994	Broken Link, Exploit, Third Party Advisory, VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/1994	Broken Link, Exploit, Third Party Advisory, VDB Entry, Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	r5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:r5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F4F8C0C-B817-4E38-95E6-5896E365C75F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method."
    }
  ],
  "id": "CVE-2000-1117",
  "lastModified": "2024-11-20T23:34:02.950",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-01-09T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Exploit",
        "Third Party Advisory",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1994"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Exploit",
        "Third Party Advisory",
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/1994"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-07-18 16:51

Modified

2024-11-21 01:46

Severity ?

Summary

Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W.

References

▼	URL	Tags
	psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21627992	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21627992	Vendor Advisory

Impacted products

Vendor	Product	Version
autonomy	keyview_idol	-
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.3.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_idol:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBBCAAD-A5D3-4C99-B057-68313477944E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DBDF9A3-CFB2-42B3-B125-93B8A36E0ED1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en el parser .mdb en Autonomy KeyView IDOL, como se utilizaba en IBM Notes v8.5.x anterior a v8.5.3 FP4, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo especialmente elaborado, tambi\u00e9n conocido como SPR KLYH92XL3W."
    }
  ],
  "id": "CVE-2012-6349",
  "lastModified": "2024-11-21T01:46:03.440",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-07-18T16:51:55.323",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21627992"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21627992"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-04-10 18:05

Modified

2024-11-21 00:41

Severity ?

Summary

Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element.

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28140	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28209	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28210	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2008-3/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490828/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/28454
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1019843
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1153
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1156
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/41724
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28140	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28209	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28210	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2008-3/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490828/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28454
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019843
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1153
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1156
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41724

Impacted products

Vendor	Product	Version
autonomy	keyview	*
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A31DE25-F7B5-4AEA-B870-2B852F4FD8A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) \"large chunks of data,\" or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer en htmsr.dll en el lector r\u00e1pido HTML de Autonomy (anteriormente Verity) KeyView, usado por IBM Lotus Notes 7.0.2 and 7.0.3, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s un documento HTML con (1)\"large chunks of data,\" (grandes cadenas/trozos de datos) o una URL larga en (2)  el atributo BACKGROUND del elemento BODY (3) o a trav\u00e9s del atributo SRC de una etiqueta IMG."
    }
  ],
  "id": "CVE-2008-0066",
  "lastModified": "2024-11-21T00:41:05.610",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-04-10T18:05:00.000",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28140"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-3/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490828/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1019843"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41724"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-3/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490828/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019843"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41724"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-04-10 18:05

Modified

2024-11-21 00:45

Severity ?

Summary

Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment.

References

URL	Tags
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/41856
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41856

Impacted products

Vendor	Product	Version
autonomy	keyview	*
ibm	lotus_notes	6.0
ibm	lotus_notes	6.5
ibm	lotus_notes	7.0
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A31DE25-F7B5-4AEA-B870-2B852F4FD8A3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en mimesr.dll en Autonomy (anteriormente Verity) KeyView, usado en IBM Lotus Notes anterior a 8.0, puede permitir a atacantes remotos  asistidos por el usuario ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un mensaje de correo electr\u00f3nico con un adjunto (MIME) manipulado."
    }
  ],
  "evaluatorComment": "Secunia information:\r\nhttp://secunia.com/advisories/28210",
  "id": "CVE-2008-1718",
  "lastModified": "2024-11-21T00:45:10.327",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-04-10T18:05:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41856"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41856"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-01-11 00:55

Modified

2024-11-21 01:43

Severity ?

Summary

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to "insecure use of the java.lang.ClassLoder defineClass() method."

References

URL	Tags
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
psirt@us.ibm.com	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51326	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51327	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51634	Third Party Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/78767	VDB Entry
psirt@us.ibm.com	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51326	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51327	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51634	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/78767	VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	java	*
ibm	java	*
ibm	java	*
ibm	java	*
ibm	lotus_domino	8.0
ibm	lotus_domino	8.0.1
ibm	lotus_domino	8.0.2
ibm	lotus_domino	8.0.2.1
ibm	lotus_domino	8.0.2.2
ibm	lotus_domino	8.0.2.3
ibm	lotus_domino	8.0.2.4
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.4
ibm	lotus_notes_sametime	8.0.80407
ibm	lotus_notes_sametime	8.0.80822
ibm	lotus_notes_sametime	8.5.1.20100709-1631
ibm	lotus_notes_traveler	8.0
ibm	lotus_notes_traveler	8.0.1
ibm	lotus_notes_traveler	8.0.1.2
ibm	lotus_notes_traveler	8.0.1.3
ibm	lotus_notes_traveler	8.5.0.0
ibm	lotus_notes_traveler	8.5.0.1
ibm	lotus_notes_traveler	8.5.0.2
ibm	lotus_notes_traveler	8.5.1.1
ibm	lotus_notes_traveler	8.5.1.2
ibm	lotus_notes_traveler	8.5.1.3
ibm	lotus_notes_traveler	8.5.2.1
ibm	lotus_notes_traveler	8.5.3
ibm	lotus_notes_traveler	8.5.3.1
ibm	lotus_notes_traveler	8.5.3.2
ibm	lotus_notes_traveler	8.5.3.3
ibm	lotus_notes_traveler	8.5.3.3
ibm	rational_change	4.7
ibm	rational_change	5.1
ibm	rational_change	5.2
ibm	rational_change	5.3
ibm	rational_host_on-demand	1.6.0.12
ibm	rational_host_on-demand	8.0.8.0
ibm	rational_host_on-demand	9.0.8.0
ibm	rational_host_on-demand	10.0.9.0
ibm	rational_host_on-demand	10.0.10.0
ibm	rational_host_on-demand	11.0.3.0
ibm	rational_host_on-demand	11.0.4.0
ibm	rational_host_on-demand	11.0.5.0
ibm	rational_host_on-demand	11.0.5.1
ibm	rational_host_on-demand	11.0.6.0
ibm	rational_host_on-demand	11.0.6.1
ibm	service_delivery_manager	7.2.1.0
ibm	service_delivery_manager	7.2.2.0
ibm	smart_analytics_system_5600_software	-
ibm	smart_analytics_system_5600_software	9.7
ibm	tivoli_monitoring	6.1.0
ibm	tivoli_monitoring	6.1.0.7
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.0
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.0
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.0
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_remote_control	5.1.2
ibm	websphere_real_time	2.0
ibm	websphere_real_time	3.0
tivoli_storage_productivity_center	5.0	*
tivoli_storage_productivity_center	5.1	*
tivoli_storage_productivity_center	5.1.1	*
ibm	smart_analytics_system_5600	7200

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
              "versionEndIncluding": "1.4.2.13.13",
              "versionStartIncluding": "1.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
              "versionEndIncluding": "5.0.14.0",
              "versionStartIncluding": "5.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
              "versionEndIncluding": "6.0.11.0",
              "versionStartIncluding": "6.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
              "versionEndIncluding": "7.0.2.0",
              "versionStartIncluding": "7.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
              "matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
              "matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to \"insecure use of the java.lang.ClassLoder defineClass() method.\""
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad no especificada en el componente JRE de IBM Java 7 SR2 y anteriores, SR3 Java v6.0.1 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores, tal y como se utiliza en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes y Domino, Tivoli Storage Productivity Center y Service Deliver Manager y otros productos de otros fabricantes tales como Red Hat, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores relacionados con el \"uso inseguro del m\u00e9todo defineClass java.lang.ClassLoder().\"\r\n"
    }
  ],
  "id": "CVE-2012-4823",
  "lastModified": "2024-11-21T01:43:34.023",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-01-11T00:55:01.150",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-06-21 17:55

Modified

2024-11-21 01:47

Severity ?

Summary

ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24.

References

▼	URL	Tags
	psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21633827
	psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/82658
	af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21633827
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/82658

Impacted products

Vendor	Product	Version
ibm	lotus_inotes	8.5.2.0
ibm	lotus_inotes	8.5.3.0
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.1
ibm	lotus_notes_traveler	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA621B45-7747-491D-A983-DD125BEE2753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76D0D493-1BFD-4054-BDB0-F338BFAFDC5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0922D598-E69F-4667-9D36-0A35C9C2C251",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24."
    },
    {
      "lang": "es",
      "value": "ntmulti.exe en el servicio Multi User Profile Cleanup en IBM Notes v8.0, v8.0.1, v8.0.2, v8.5, v8.5.1, v8.5.2, v8.5.3 anterior a FP5, y v9.0 anterior a IF2 permite a usuarios locales ganar privilegios mediante vectores que comprenden la ejecuci\u00f3n de c\u00f3digo durante la siguiente sesi\u00f3n de un usuario diferente. Tambi\u00e9n conocido como SPR PJOK959J24."
    }
  ],
  "id": "CVE-2013-0536",
  "lastModified": "2024-11-21T01:47:44.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-06-21T17:55:01.107",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82658"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82658"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2009-09-09 22:30

Modified

2024-11-21 01:06

Severity ?

Summary

The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/36813	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21403834	Vendor Advisory
cve@mitre.org	http://www.scip.ch/?vuldb.4021
cve@mitre.org	http://www.securityfocus.com/archive/1/506296/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/36305
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36813	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21403834	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.scip.ch/?vuldb.4021
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/506296/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36305

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	8.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer\u0027s Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K."
    },
    {
      "lang": "es",
      "value": "El widget RSS reader en Lotus Notes de IBM versiones 8.0 y 8.5, guarda elementos de una fuente RSS como documentos HTML locales, lo que permite a los atacantes remotos ejecutar scripts arbitrarios en la Local Machine Zone de Internet Explorer  por medio de un feed dise\u00f1ado, tambi\u00e9n se conoce como SPR RGAU7RDJ9K."
    }
  ],
  "id": "CVE-2009-3114",
  "lastModified": "2024-11-21T01:06:35.023",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-09-09T22:30:00.233",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36813"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403834"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.scip.ch/?vuldb.4021"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/506296/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/36305"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36813"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403834"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.scip.ch/?vuldb.4021"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/506296/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/36305"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2002-10-10 04:00

Modified

2024-11-20 23:38

Severity ?

Summary

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=103428193409223&w=2
cve@mitre.org	http://securityreason.com/securityalert/587
cve@mitre.org	http://www.info-zip.org/FAQ.html
cve@mitre.org	http://www.info.apple.com/usen/security/security_updates.html
cve@mitre.org	http://www.iss.net/security_center/static/10251.php	Vendor Advisory
cve@mitre.org	http://www.kb.cert.org/vuls/id/383779	Third Party Advisory, US Government Resource
cve@mitre.org	http://www.securityfocus.com/bid/5873	Patch, Vendor Advisory
cve@mitre.org	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=103428193409223&w=2
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/587
af854a3a-2127-422b-91ae-364da2661108	http://www.info-zip.org/FAQ.html
af854a3a-2127-422b-91ae-364da2661108	http://www.info.apple.com/usen/security/security_updates.html
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/10251.php	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/383779	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/5873	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054

Impacted products

Vendor	Product	Version
allume_systems_division	stuffit_expander	6.5.2
ibm	lotus_notes	*
ibm	lotus_notes	5.0
ibm	lotus_notes	5.0.1
ibm	lotus_notes	5.0.2
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.4
ibm	lotus_notes	5.0.5
ibm	lotus_notes	5.0.9a
ibm	lotus_notes	5.0.10
ibm	lotus_notes	5.0.11
ibm	lotus_notes	r5
ibm	lotus_notes	r6
verity	keyview_viewing_sdk	gold
winzip	winzip	7.0
microsoft	windows_98_plus_pack	*
microsoft	windows_me	*
microsoft	windows_xp	*
microsoft	windows_xp	*
microsoft	windows_xp	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:allume_systems_division:stuffit_expander:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3741E010-136A-47C8-8CFE-8C8C556F1BA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06CEA48E-1CBC-48D9-ADCA-341BBBB524B0",
              "versionEndIncluding": "4.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:r5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F4F8C0C-B817-4E38-95E6-5896E365C75F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:r6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24C6CC-70D0-4201-BA67-31ADAFAB3D69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:verity:keyview_viewing_sdk:gold:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A519207-A70B-433A-BA56-66240A5B2655",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:winzip:winzip:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2ACBE01-B77A-4D09-8FB3-D6365786C44F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:windows_98_plus_pack:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DE6302-A76A-44C1-A2EC-27FD1B82B9B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "799DA395-C7F8-477C-8BC7-5B4B88FB7503",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:home:*:*:*:*:*",
              "matchCriteriaId": "BC176BB0-1655-4BEA-A841-C4158167CC9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:gold:professional:*:*:*:*:*",
              "matchCriteriaId": "4BF263CB-4239-4DB0-867C-9069ED02CAD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp1:home:*:*:*:*:*",
              "matchCriteriaId": "49693FA0-BF34-438B-AFF2-75ACC8A6D2E6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en la capacidad ZIP de m\u00faltiples productos permite a atacantes remotos causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo arbitrario mediante ficheros ZIP que contienen nombres de ficheros largos, incluyendo\r\nMicrosoft Windows 98 con el paquete Plus!\r\nWindows XP\r\nWindows Me\r\nLotus Notes R4 a R6 (pre-gold)\r\nVerity KeyView, y\r\nStuffit Expander antes de 7.0."
    }
  ],
  "id": "CVE-2002-0370",
  "lastModified": "2024-11-20T23:38:55.250",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-10-10T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=103428193409223\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/587"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.info-zip.org/FAQ.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.info.apple.com/usen/security/security_updates.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/10251.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/383779"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/5873"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=103428193409223\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/587"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.info-zip.org/FAQ.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.info.apple.com/usen/security/security_updates.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/10251.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/383779"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/5873"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-08-13 21:17

Modified

2024-11-21 00:35

Severity ?

Summary

IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696.

References

▼	URL	Tags
	cve@mitre.org	http://securitytracker.com/id?1018433
	cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085
	cve@mitre.org	http://www.heise-security.co.uk/news/92958
	af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018433
	af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085
	af854a3a-2127-422b-91ae-364da2661108	http://www.heise-security.co.uk/news/92958

Impacted products

Vendor	Product	Version
ibm	lotus_notes	5.0
ibm	lotus_notes	6.0
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.1
ibm	lotus_notes	7.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696."
    },
    {
      "lang": "es",
      "value": "IBM Lotus Notes 5.x hasta 7.0.2 permite a administradores autenticados remotamente, con la intervenci\u00f3n del usuario, obtener una contrase\u00f1a en texto claro de notes.id estableciendo las variables de depuraci\u00f3n de notes.ini (1) KFM_ShowEntropy y (2) Debug_Outfile, una vulnerabilidad diferente de CVE-2005-2696."
    }
  ],
  "id": "CVE-2007-4309",
  "lastModified": "2024-11-21T00:35:17.077",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-08-13T21:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018433"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21266085"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.heise-security.co.uk/news/92958"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018433"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21266085"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.heise-security.co.uk/news/92958"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-31 05:00

Modified

2024-11-20 23:52

Severity ?

Summary

Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/12046	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&q1=Java&uid=swg21173910&loc=en_US&cs=utf-8&lang=en	Patch
cve@mitre.org	http://www.osvdb.org/8418	Patch
cve@mitre.org	http://www.securityfocus.com/bid/10704
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/12046	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&q1=Java&uid=swg21173910&loc=en_US&cs=utf-8&lang=en	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/8418	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10704

Impacted products

Vendor	Product	Version
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN."
    }
  ],
  "id": "CVE-2004-2280",
  "lastModified": "2024-11-20T23:52:57.047",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12046"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/8418"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/10704"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/8418"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/10704"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-05-24 23:55

Modified

2024-11-21 01:26

Severity ?

Summary

The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing.

References

▼	URL	Tags
	security_alert@emc.com	http://securityreason.com/securityalert/8258
	security_alert@emc.com	http://www.securityfocus.com/archive/1/518003/100/0/threaded
	af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/8258
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/518003/100/0/threaded

Impacted products

Vendor	Product	Version
emc	sourceone_email_management	*
emc	sourceone_email_management	6.5.2.3668
microsoft	exchange	*
emc	sourceone_email_management	*
emc	sourceone_email_management	6.5.2.3668
ibm	lotus_domino	*
ibm	lotus_notes	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:emc:sourceone_email_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A21052-75B2-4345-962D-A50D39EBB274",
              "versionEndIncluding": "6.6.0.1209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:sourceone_email_management:6.5.2.3668:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCD8519-FCF2-45C5-9026-AAD064DAFF59",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:exchange:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "994A442C-6440-4132-A19E-3717618715BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:emc:sourceone_email_management:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A21052-75B2-4345-962D-A50D39EBB274",
              "versionEndIncluding": "6.6.0.1209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:emc:sourceone_email_management:6.5.2.3668:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBCD8519-FCF2-45C5-9026-AAD064DAFF59",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE9179CA-5855-4F19-BAA6-D0A6DF468B9B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99CADAC9-376A-430B-B228-84F0FA401154",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The default configuration of ExShortcut\\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing."
    },
    {
      "lang": "es",
      "value": "La configuraci\u00f3n por defecto de ExShortcut\\Web.config en EMC SourceOne Email Management anteriores a v6.6 Service Pack 1, cuando se utiliza el componente Mobile Services, no fija de forma adecuada el atributo localOnly de la traza del elemento, lo que permite a usuarios remotos autenticados a obtener informaci\u00f3n sensible a trav\u00e9s de la aplicaci\u00f3n  ASP.NET Application Tracing."
    }
  ],
  "id": "CVE-2011-1424",
  "lastModified": "2024-11-21T01:26:16.850",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-05-24T23:55:02.777",
  "references": [
    {
      "source": "security_alert@emc.com",
      "url": "http://securityreason.com/securityalert/8258"
    },
    {
      "source": "security_alert@emc.com",
      "url": "http://www.securityfocus.com/archive/1/518003/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8258"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/518003/100/0/threaded"
    }
  ],
  "sourceIdentifier": "security_alert@emc.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-16"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2012-06-20 10:27

Modified

2024-11-21 01:38

Severity ?

Summary

The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a crafted notes:// URL.

References

▼	URL	Tags
	psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg21598348
	psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/75320
	af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21598348
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/75320

Impacted products

Vendor	Product	Version
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a crafted notes:// URL."
    },
    {
      "lang": "es",
      "value": "El manejador de URLs en IBM Lotus Notes v8.x antes de v8.5.3 FP2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una URL notes:// creada para tal fin."
    }
  ],
  "id": "CVE-2012-2174",
  "lastModified": "2024-11-21T01:38:39.000",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-06-20T10:27:28.363",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21598348"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21598348"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75320"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-04-10 18:05

Modified

2024-11-21 00:37

Severity ?

Summary

Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag.

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/27763	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28140	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28209	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28210	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/29342	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-95/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-96/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-97/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-98/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://securitytracker.com/id?1019805
PSIRT-CNA@flexerasoftware.com	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490825/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490837/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490838/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490839/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/28454
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1019844
PSIRT-CNA@flexerasoftware.com	http://www.symantec.com/avcenter/security/Content/2008.04.08e.html
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1153
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1154
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1156
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/41721
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27763	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28140	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28209	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28210	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29342	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-95/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-96/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-97/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-98/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019805
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490825/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490837/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490838/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490839/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28454
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019844
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/avcenter/security/Content/2008.04.08e.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1153
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1154
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1156
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41721

Impacted products

Vendor	Product	Version
activepdf	docconverter	3.8.2_.5
activepdf	docconverter	3.8.4.0
autonomy	keyview	2.0.0.2
autonomy	keyview	10.3.0.0
ibm	lotus_notes	6.0
ibm	lotus_notes	6.5
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.3
symantec	mail_security	5.0
symantec	mail_security	5.0.0
symantec	mail_security	5.0.1
symantec	mail_security	7.5
symantec	mail_security_appliance	5.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:activepdf:docconverter:3.8.2_.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D165E31-F294-4F7E-959F-7AFE69AF90A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:activepdf:docconverter:3.8.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4286B71-18BA-4BC0-9E2C-6D00A24974E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:2.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6634684-2416-4A5C-A5C7-B1E946B33419",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:10.3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "589D3BC2-ED1F-4C5B-8F94-67AE1909580D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*",
              "matchCriteriaId": "7D29BE63-3E26-4136-BAB1-AA3D50BA71F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA92128-13DD-47D8-8822-23C4CDDFB715",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer  en kpagrdr.dll 2.0.0.2 y 10.3.0.0 en el lector  Applix Presents de Autonomy (anteriormente Verity) KeyView,usado por IBM Lotus Notes, Symantec Mail Security, y activePDF DocConverter, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo .ag con (1)un atributo ENCODING largo en la etiqueta *BEGIN, (2) un token largo, o (3) la etiqueta inicial *BEGIN."
    }
  ],
  "id": "CVE-2007-5405",
  "lastModified": "2024-11-21T00:37:49.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-04-10T18:05:00.000",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27763"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28140"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29342"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-95/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-96/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-97/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-98/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://securitytracker.com/id?1019805"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1019844"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1154"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27763"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29342"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-95/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-96/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-97/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-98/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019844"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-08-26 15:50

Modified

2024-11-21 00:00

Severity ?

Summary

IBM Lotus Notes does not properly restrict access to password hashes in the Notes Address Book (NAB), which allows remote attackers to obtain sensitive information via the (1) password digest field in the Administration tab of a Lotus Notes client, (2) "PasswordDigest" and "HTTPPassword" fields in the document properties in the NAB, or (3) a direct query to the Domino LDAP server, a different vulnerability than CVE-2005-2428.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=112456040418543&w=2
cve@mitre.org	http://www.venera.com/downloads/Lotus_password_disclosures.pdf	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=112456040418543&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.venera.com/downloads/Lotus_password_disclosures.pdf	Exploit, Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99CADAC9-376A-430B-B228-84F0FA401154",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus Notes does not properly restrict access to password hashes in the Notes Address Book (NAB), which allows remote attackers to obtain sensitive information via the (1) password digest field in the Administration tab of a Lotus Notes client, (2) \"PasswordDigest\" and \"HTTPPassword\" fields in the document properties in the NAB, or (3) a direct query to the Domino LDAP server, a different vulnerability than CVE-2005-2428."
    }
  ],
  "id": "CVE-2005-2696",
  "lastModified": "2024-11-21T00:00:10.473",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-08-26T15:50:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=112456040418543\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.venera.com/downloads/Lotus_password_disclosures.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=112456040418543\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.venera.com/downloads/Lotus_password_disclosures.pdf"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-01-11 00:55

Modified

2024-11-21 01:43

Severity ?

Summary

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.class class."

References

URL	Tags
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1465.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
psirt@us.ibm.com	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51326	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51327	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51328	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51393	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51634	Third Party Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/78766	VDB Entry
psirt@us.ibm.com	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1465.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51326	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51327	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51328	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51393	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51634	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/78766	VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	java	*
ibm	java	*
ibm	java	*
ibm	java	*
ibm	lotus_domino	8.0
ibm	lotus_domino	8.0.1
ibm	lotus_domino	8.0.2
ibm	lotus_domino	8.0.2.1
ibm	lotus_domino	8.0.2.2
ibm	lotus_domino	8.0.2.3
ibm	lotus_domino	8.0.2.4
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.4
ibm	lotus_notes_sametime	8.0.80407
ibm	lotus_notes_sametime	8.0.80822
ibm	lotus_notes_sametime	8.5.1.20100709-1631
ibm	lotus_notes_traveler	8.0
ibm	lotus_notes_traveler	8.0.1
ibm	lotus_notes_traveler	8.0.1.2
ibm	lotus_notes_traveler	8.0.1.3
ibm	lotus_notes_traveler	8.5.0.0
ibm	lotus_notes_traveler	8.5.0.1
ibm	lotus_notes_traveler	8.5.0.2
ibm	lotus_notes_traveler	8.5.1.1
ibm	lotus_notes_traveler	8.5.1.2
ibm	lotus_notes_traveler	8.5.1.3
ibm	lotus_notes_traveler	8.5.2.1
ibm	lotus_notes_traveler	8.5.3
ibm	lotus_notes_traveler	8.5.3.1
ibm	lotus_notes_traveler	8.5.3.2
ibm	lotus_notes_traveler	8.5.3.3
ibm	lotus_notes_traveler	8.5.3.3
ibm	rational_change	4.7
ibm	rational_change	5.1
ibm	rational_change	5.2
ibm	rational_change	5.3
ibm	rational_host_on-demand	1.6.0.12
ibm	rational_host_on-demand	8.0.8.0
ibm	rational_host_on-demand	9.0.8.0
ibm	rational_host_on-demand	10.0.9.0
ibm	rational_host_on-demand	10.0.10.0
ibm	rational_host_on-demand	11.0.3.0
ibm	rational_host_on-demand	11.0.4.0
ibm	rational_host_on-demand	11.0.5.0
ibm	rational_host_on-demand	11.0.5.1
ibm	rational_host_on-demand	11.0.6.0
ibm	rational_host_on-demand	11.0.6.1
ibm	service_delivery_manager	7.2.1.0
ibm	service_delivery_manager	7.2.2.0
ibm	smart_analytics_system_5600_software	-
ibm	smart_analytics_system_5600_software	9.7
ibm	tivoli_monitoring	6.1.0
ibm	tivoli_monitoring	6.1.0.7
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.0
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.0
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.0
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_remote_control	5.1.2
ibm	websphere_real_time	2.0
ibm	websphere_real_time	3.0
tivoli_storage_productivity_center	5.0	*
tivoli_storage_productivity_center	5.1	*
tivoli_storage_productivity_center	5.1.1	*
ibm	smart_analytics_system_5600	7200

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
              "versionEndIncluding": "1.4.2.13.13",
              "versionStartIncluding": "1.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
              "versionEndIncluding": "5.0.14.0",
              "versionStartIncluding": "5.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
              "versionEndIncluding": "6.0.11.0",
              "versionStartIncluding": "6.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
              "versionEndIncluding": "7.0.2.0",
              "versionStartIncluding": "7.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
              "matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
              "matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to \"insecure use [of] multiple methods in the java.lang.class class.\""
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades no especificadas en el componente JRE en IBM Java 7 SR2 y anteriores, Java v6.0.1 SR3 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores; como las usadas en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, y Service Deliver Manager; y otros productos de otros vendedores como Red Hat, permite a atacantes remotos a ejecutar c\u00f3digoa trav\u00e9s de vectores relacionados con \"uso inseguro de uso [de] m\u00e9todos m\u00faltiples en la clase java.lang.class class.\""
    }
  ],
  "id": "CVE-2012-4822",
  "lastModified": "2024-11-21T01:43:33.843",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-01-11T00:55:01.087",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51328"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51393"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51393"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-05-10 11:42

Modified

2024-11-21 01:52

Severity ?

Summary

Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21635878	Vendor Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/83967
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21635878	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/83967

Impacted products

Vendor	Product	Version
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.3.3
ibm	lotus_notes	8.5.3.4
ibm	lotus_notes	9.0.0.0
microsoft	windows	*
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.3.3
ibm	lotus_notes	8.5.3.4
ibm	lotus_notes	9.0.0.0
linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DBDF9A3-CFB2-42B3-B125-93B8A36E0ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9991C0A7-EF7B-48AF-BB7B-B54A1F2AB99E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "234A9059-B0DE-4BEB-ADC4-76F906D86ECC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DBDF9A3-CFB2-42B3-B125-93B8A36E0ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9991C0A7-EF7B-48AF-BB7B-B54A1F2AB99E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "234A9059-B0DE-4BEB-ADC4-76F906D86ECC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en IBM Notes v8.5.x anterior a v8.5.3 FP4 Interim Fix 1 y v9.x anterior a v9.0 Interim Fix 1 en Windows, y v8.5.x anterior a v8.5.3 FP5 y v9.x anterior a v9.0.1 en Linux, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una imagen PNG malformada en la previsualizaci\u00f3n de un mensaje de correo electr\u00f3nico, tambi\u00e9n conocido como SPR NPEI96K82Q."
    }
  ],
  "id": "CVE-2013-2977",
  "lastModified": "2024-11-21T01:52:46.727",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-05-10T11:42:30.323",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635878"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83967"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635878"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83967"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-08-12 00:55

Modified

2024-11-21 02:07

Severity ?

Summary

Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager.

References

URL	Tags
psirt@us.ibm.com	http://secunia.com/advisories/59680
psirt@us.ibm.com	http://secunia.com/advisories/60081
psirt@us.ibm.com	http://secunia.com/advisories/60317
psirt@us.ibm.com	http://secunia.com/advisories/60622
psirt@us.ibm.com	http://secunia.com/advisories/61577
psirt@us.ibm.com	http://secunia.com/advisories/61640
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV62634	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21680333	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21680334
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21686383
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21686824
psirt@us.ibm.com	http://www.securityfocus.com/bid/69183
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/94097
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/59680
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60081
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60317
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/60622
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61577
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/61640
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV62634	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21680333	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21680334
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686383
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21686824
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/69183
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/94097

Impacted products

Vendor	Product	Version
ibm	lotus_notes	8.5.3.0
ibm	lotus_notes	9.0.1.0
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	9.0.1.0
ibm	websphere_real_time	3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA1030B1-B276-4185-AC5F-5B7E35F847E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:9.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A53C163-AA20-4228-8BE4-58E22F742557",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:9.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3B3D5F-EB63-4ABA-8A27-BD654422DA54",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en IBM Java Virtual Machine, utilizado en IBM WebSphere Real Time 3 anterior a Service Refresh 7 FP1 y otros productos, permite a atacantes remotos ganar privilegios mediante el aprovechamiento de la habilidad de ejecutar c\u00f3digo en el contexto de un gestor de seguridad."
    }
  ],
  "id": "CVE-2014-3086",
  "lastModified": "2024-11-21T02:07:26.227",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-08-12T00:55:03.657",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://secunia.com/advisories/59680"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://secunia.com/advisories/60081"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://secunia.com/advisories/60317"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://secunia.com/advisories/60622"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://secunia.com/advisories/61577"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://secunia.com/advisories/61640"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV62634"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680333"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securityfocus.com/bid/69183"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94097"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59680"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60317"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61577"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/61640"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV62634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/69183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94097"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-04-10 18:05

Modified

2024-11-21 00:37

Severity ?

Summary

Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, related to creation of an associated filename.

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28209	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28210	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-91/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-92/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490832/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490833/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/28454
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1019842
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1153
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1156
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/41723
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28209	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28210	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-91/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-92/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490832/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490833/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28454
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019842
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1153
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1156
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41723

Impacted products

Vendor	Product	Version
autonomy	keyview	10.3.0.0
ibm	lotus_notes	6.0
ibm	lotus_notes	6.5
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:10.3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "589D3BC2-ED1F-4C5B-8F94-67AE1909580D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, related to creation of an associated filename."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basados en mont\u00edculo en emlsd.dll en el lector EML en Autonomy (anteriormente Verity) KeyView 10.3.0.0, usado en IBM Lotus Notes, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un campo largo(1) To(para) , (2) Cc, (3) Bcc, (4) From (desde), (5) Date, (6) Subject (Asunto), (7) Priority, (8) Importance, or (9)cabecera X-MSMail-Priority; (10) una cadena larga al comiezo de un palabra en la cabecera codificada RFC2047; (11)un texto largo al comienzo de un palabra en la cabecera codificada RFC2047; o (12) una cabecera de Subject(Asunto) larga, relacionada con la creaci\u00f3n de un fichero asociado."
    }
  ],
  "id": "CVE-2007-5399",
  "lastModified": "2024-11-21T00:37:48.733",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-04-10T18:05:00.000",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-91/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-92/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490832/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490833/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1019842"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41723"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-91/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-92/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490832/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490833/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019842"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41723"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-05-31 20:55

Modified

2024-11-21 01:25

Severity ?

Summary

Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/44624	Vendor Advisory
cve@mitre.org	http://www.ibm.com/support/docview.wss?uid=swg21500034
cve@mitre.org	http://www.securityfocus.com/bid/47962
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/67624
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14822
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44624	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21500034
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/47962
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/67624
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14822

Impacted products

Vendor	Product	Version
ibm	lotus_notes	*
ibm	lotus_notes	3.0
ibm	lotus_notes	3.0.0.1
ibm	lotus_notes	3.0.0.2
ibm	lotus_notes	4.2
ibm	lotus_notes	4.2.1
ibm	lotus_notes	4.2.2
ibm	lotus_notes	4.5
ibm	lotus_notes	4.6
ibm	lotus_notes	4.6.7a
ibm	lotus_notes	4.6.7h
ibm	lotus_notes	5.0
ibm	lotus_notes	5.0.1
ibm	lotus_notes	5.0.1.02
ibm	lotus_notes	5.0.1a
ibm	lotus_notes	5.0.1b
ibm	lotus_notes	5.0.1c
ibm	lotus_notes	5.0.2
ibm	lotus_notes	5.0.2a
ibm	lotus_notes	5.0.2b
ibm	lotus_notes	5.0.2c
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.4
ibm	lotus_notes	5.0.4a
ibm	lotus_notes	5.0.5
ibm	lotus_notes	5.0.5.01
ibm	lotus_notes	5.0.5.02
ibm	lotus_notes	5.0.6
ibm	lotus_notes	5.0.6a
ibm	lotus_notes	5.0.6a.01
ibm	lotus_notes	5.0.7
ibm	lotus_notes	5.0.7a
ibm	lotus_notes	5.0.8
ibm	lotus_notes	5.0.9
ibm	lotus_notes	5.0.9a
ibm	lotus_notes	5.0.10
ibm	lotus_notes	5.0.11
ibm	lotus_notes	5.0.12
ibm	lotus_notes	5.0a
ibm	lotus_notes	5.02
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.3.1
ibm	lotus_notes	6.5.4
ibm	lotus_notes	6.5.4.1
ibm	lotus_notes	6.5.4.2
ibm	lotus_notes	6.5.4.3
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5.1
ibm	lotus_notes	6.5.5.2
ibm	lotus_notes	6.5.5.3
ibm	lotus_notes	6.5.6
ibm	lotus_notes	6.5.6.1
ibm	lotus_notes	6.5.6.2
ibm	lotus_notes	6.5.6.3
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.0
ibm	lotus_notes	7.0.1
ibm	lotus_notes	7.0.1.1
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.2.1
ibm	lotus_notes	7.0.2.2
ibm	lotus_notes	7.0.2.3
ibm	lotus_notes	7.0.3
ibm	lotus_notes	7.0.3.1
ibm	lotus_notes	7.0.4
ibm	lotus_notes	7.0.4.0
ibm	lotus_notes	7.0.4.1
ibm	lotus_notes	7.0.4.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F06E9E8E-9A82-4665-A848-5E0BAD141A1C",
              "versionEndIncluding": "8.5.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "024E3378-AB78-41CE-8BE3-CB26F0FCC6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D68592-A475-4D35-8A8F-5A4EEDA5A1A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9727C084-8043-43D7-9BF3-1D49BBA33772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9409A77C-1927-4C1C-945A-10F8CD8DB287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE08605F-643F-4562-934E-CA46DF3CE57C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE78A5CE-28D9-47AB-9831-F4C0F0843EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8376F4C1-44AE-42A8-A087-E3845FD2A0A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A697B26-0600-416A-B0FA-BE031EB6D8A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2851AFEE-2598-4CDC-A1B3-D119A647F4B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7h:*:*:*:*:*:*:*",
              "matchCriteriaId": "B730F1C4-2A7C-4305-BEA1-4BA1F1B1F955",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987940E-0F70-4C0F-AB8D-A52934B33777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBEDCC0A-FCA0-45C2-B202-BF9F90739893",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "A25DD7B4-A33F-4810-84C1-D8C57D044769",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "924FC755-DF96-4E83-92DB-BD3877E226A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8EC2158-C008-4AD0-85A5-6B4A210A7752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F3715F6-F157-4BF2-80C3-DC5366C0F5DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2c:*:*:*:*:*:*:*",
              "matchCriteriaId": "89111665-4C64-46A5-955D-DB5A2A73E6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "77636603-5AEA-475A-9BB7-3C38198A0327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF14DAF5-D52A-4B59-B67A-7878C2A8431D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "8001558A-B47D-420C-9275-979A06D03572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8809E947-43E1-4D92-A5A5-63FEDBF12318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE790A9-912C-444C-B4B0-BEB212DC4B9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "2171E8CD-F42A-41A9-A03D-74BE1DF9040F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "21212C5E-A5AB-4080-84A3-603F0425D4CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F21BD9-A01D-4D3C-831F-80A966F7CF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "32646B3D-C8C6-4325-8546-38A79EF3446A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "312EAEC3-1E31-48E1-8729-E7AF338F608D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "46196D69-B5FE-49ED-8032-54B4470487EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD51B7AD-1523-4BF4-8DFF-54D5F9A0E66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "63ABBCF5-A164-458F-A8C6-75FC6CFE101B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "A174D36F-A4F0-4FE0-AAD7-F57E93BB3805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf3:*:*:*:*:*:*",
              "matchCriteriaId": "8EB4A3EA-DD4C-4E98-8E3A-487F0AE9AED0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "0CB2FAA8-176F-4AA2-ADFA-F4401C76BB15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "FEEA994A-F8B6-4A0D-8FCD-ED63F83DDA18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82322774-CEB9-41FD-9319-AE0716EF28CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34625785-9560-4496-9426-BBEE35F6E52C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5C60350-0731-477D-B280-24109509E7B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCF51F97-14D8-4AC6-B26E-AE9306EAF3AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "006C226E-E9CA-4999-B6D4-5DBABF99A4B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9203EC38-2DFD-4259-B636-F9E38AE5AA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C6EF122-510F-4B6D-B2F3-DFD5E8FB76C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1581AEE3-F127-44D8-AA95-6408D9D919A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAEF2C65-215E-4900-8054-BC35DFA0BDF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE1176C-39C3-4ED6-9689-4107B546F248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E016DE-149E-41CD-856E-7B3EE8B0702C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1AD22A1-A85C-4755-97CB-6B946E1DBE0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AF1B57-680B-45E5-9991-83DDE4634EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC128482-5AA3-43D9-AE5F-154E8485F699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2837D777-5C59-4335-A4BC-611397D1D1AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F5FB91-53EE-47BA-84B7-49CE9D83C8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9D74FC-8F26-4D1A-B02B-C4037FF8388A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E0DFE2-22CA-40AE-8CDB-EF5EEE1E6F54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AD640D-BFDC-4E27-BF8B-4FE35DE87890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB38591-F55A-48B2-AD52-FF266D19BB97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment.  NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer en kpprzrdr.dll de Autonomy KeyView, como es utilizado en IBM Lotus Notes en versiones anteriores a la 8.5.2 FP3, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un adjunto .prz modificado. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceras partes."
    }
  ],
  "id": "CVE-2011-1217",
  "lastModified": "2024-11-21T01:25:49.227",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-05-31T20:55:02.110",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67624"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14822"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14822"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-05-31 20:55

Modified

2024-11-21 01:26

Severity ?

Summary

Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/44624	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/8263
cve@mitre.org	http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow	Exploit
cve@mitre.org	http://www.ibm.com/support/docview.wss?uid=swg21500034
cve@mitre.org	http://www.securityfocus.com/archive/1/518120/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/47962
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/67619
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14203
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/44624	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/8263
af854a3a-2127-422b-91ae-364da2661108	http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21500034
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/518120/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/47962
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/67619
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14203

Impacted products

Vendor	Product	Version
autonomy	keyview	*
ibm	lotus_notes	*
ibm	lotus_notes	3.0
ibm	lotus_notes	3.0.0.1
ibm	lotus_notes	3.0.0.2
ibm	lotus_notes	4.2
ibm	lotus_notes	4.2.1
ibm	lotus_notes	4.2.2
ibm	lotus_notes	4.5
ibm	lotus_notes	4.6
ibm	lotus_notes	4.6.7a
ibm	lotus_notes	4.6.7h
ibm	lotus_notes	5.0
ibm	lotus_notes	5.0.1
ibm	lotus_notes	5.0.1.02
ibm	lotus_notes	5.0.1a
ibm	lotus_notes	5.0.1b
ibm	lotus_notes	5.0.1c
ibm	lotus_notes	5.0.2
ibm	lotus_notes	5.0.2a
ibm	lotus_notes	5.0.2b
ibm	lotus_notes	5.0.2c
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.4
ibm	lotus_notes	5.0.4a
ibm	lotus_notes	5.0.5
ibm	lotus_notes	5.0.5.01
ibm	lotus_notes	5.0.5.02
ibm	lotus_notes	5.0.6
ibm	lotus_notes	5.0.6a
ibm	lotus_notes	5.0.6a.01
ibm	lotus_notes	5.0.7
ibm	lotus_notes	5.0.7a
ibm	lotus_notes	5.0.8
ibm	lotus_notes	5.0.9
ibm	lotus_notes	5.0.9a
ibm	lotus_notes	5.0.10
ibm	lotus_notes	5.0.11
ibm	lotus_notes	5.0.12
ibm	lotus_notes	5.0a
ibm	lotus_notes	5.02
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.2.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.3.1
ibm	lotus_notes	6.5.4
ibm	lotus_notes	6.5.4.1
ibm	lotus_notes	6.5.4.2
ibm	lotus_notes	6.5.4.3
ibm	lotus_notes	6.5.5
ibm	lotus_notes	6.5.5.1
ibm	lotus_notes	6.5.5.2
ibm	lotus_notes	6.5.5.3
ibm	lotus_notes	6.5.6
ibm	lotus_notes	6.5.6.1
ibm	lotus_notes	6.5.6.2
ibm	lotus_notes	6.5.6.3
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.0
ibm	lotus_notes	7.0.1
ibm	lotus_notes	7.0.1.1
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.2.1
ibm	lotus_notes	7.0.2.2
ibm	lotus_notes	7.0.2.3
ibm	lotus_notes	7.0.3
ibm	lotus_notes	7.0.3.1
ibm	lotus_notes	7.0.4
ibm	lotus_notes	7.0.4.0
ibm	lotus_notes	7.0.4.1
ibm	lotus_notes	7.0.4.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A31DE25-F7B5-4AEA-B870-2B852F4FD8A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F06E9E8E-9A82-4665-A848-5E0BAD141A1C",
              "versionEndIncluding": "8.5.2.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "024E3378-AB78-41CE-8BE3-CB26F0FCC6FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "59D68592-A475-4D35-8A8F-5A4EEDA5A1A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:3.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9727C084-8043-43D7-9BF3-1D49BBA33772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9409A77C-1927-4C1C-945A-10F8CD8DB287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE08605F-643F-4562-934E-CA46DF3CE57C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE78A5CE-28D9-47AB-9831-F4C0F0843EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8376F4C1-44AE-42A8-A087-E3845FD2A0A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A697B26-0600-416A-B0FA-BE031EB6D8A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2851AFEE-2598-4CDC-A1B3-D119A647F4B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6.7h:*:*:*:*:*:*:*",
              "matchCriteriaId": "B730F1C4-2A7C-4305-BEA1-4BA1F1B1F955",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C43E91B-492D-42E0-9C59-3DA83AF7367B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987940E-0F70-4C0F-AB8D-A52934B33777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBEDCC0A-FCA0-45C2-B202-BF9F90739893",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "A25DD7B4-A33F-4810-84C1-D8C57D044769",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "924FC755-DF96-4E83-92DB-BD3877E226A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C944AEC-18C2-487E-8E0F-EC525D21EDF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8EC2158-C008-4AD0-85A5-6B4A210A7752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F3715F6-F157-4BF2-80C3-DC5366C0F5DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.2c:*:*:*:*:*:*:*",
              "matchCriteriaId": "89111665-4C64-46A5-955D-DB5A2A73E6BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA83054E-5E6B-48A4-8799-5C8507BFEB68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "77636603-5AEA-475A-9BB7-3C38198A0327",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DEAC0E-C59B-42DB-BB81-E34C9F843486",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF14DAF5-D52A-4B59-B67A-7878C2A8431D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "8001558A-B47D-420C-9275-979A06D03572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8809E947-43E1-4D92-A5A5-63FEDBF12318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCE790A9-912C-444C-B4B0-BEB212DC4B9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.6a.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "2171E8CD-F42A-41A9-A03D-74BE1DF9040F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "21212C5E-A5AB-4080-84A3-603F0425D4CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8F21BD9-A01D-4D3C-831F-80A966F7CF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "32646B3D-C8C6-4325-8546-38A79EF3446A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "312EAEC3-1E31-48E1-8729-E7AF338F608D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "780C6EC1-11FD-458C-B59F-11668BA1E466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A7F5626-EB8B-4339-9EB5-C23962DAC95A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB071DF-5C48-4FE8-8DCC-68582A3C1EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "46196D69-B5FE-49ED-8032-54B4470487EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD51B7AD-1523-4BF4-8DFF-54D5F9A0E66A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "63ABBCF5-A164-458F-A8C6-75FC6CFE101B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "A174D36F-A4F0-4FE0-AAD7-F57E93BB3805",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:cf3:*:*:*:*:*:*",
              "matchCriteriaId": "8EB4A3EA-DD4C-4E98-8E3A-487F0AE9AED0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf1:*:*:*:*:*:*",
              "matchCriteriaId": "0CB2FAA8-176F-4AA2-ADFA-F4401C76BB15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:cf2:*:*:*:*:*:*",
              "matchCriteriaId": "FEEA994A-F8B6-4A0D-8FCD-ED63F83DDA18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "82322774-CEB9-41FD-9319-AE0716EF28CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "34625785-9560-4496-9426-BBEE35F6E52C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5C60350-0731-477D-B280-24109509E7B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCF51F97-14D8-4AC6-B26E-AE9306EAF3AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "006C226E-E9CA-4999-B6D4-5DBABF99A4B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9203EC38-2DFD-4259-B636-F9E38AE5AA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C6EF122-510F-4B6D-B2F3-DFD5E8FB76C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1581AEE3-F127-44D8-AA95-6408D9D919A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4598C4A8-B19D-4562-A5B5-D3B090F0C8D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAEF2C65-215E-4900-8054-BC35DFA0BDF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE1176C-39C3-4ED6-9689-4107B546F248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1E016DE-149E-41CD-856E-7B3EE8B0702C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1AD22A1-A85C-4755-97CB-6B946E1DBE0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AF1B57-680B-45E5-9991-83DDE4634EE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC128482-5AA3-43D9-AE5F-154E8485F699",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2837D777-5C59-4335-A4BC-611397D1D1AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F5FB91-53EE-47BA-84B7-49CE9D83C8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9D74FC-8F26-4D1A-B02B-C4037FF8388A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6E0DFE2-22CA-40AE-8CDB-EF5EEE1E6F54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1AD640D-BFDC-4E27-BF8B-4FE35DE87890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB38591-F55A-48B2-AD52-FF266D19BB97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer de memoria din\u00e1mica en xlssr.dll de Autonomy KeyView, como se usa en IBM Lotus Notes en versiones anteriores a 8.5.2 FP3, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un registro BIFF mal formado en un adjunto de hoja de c\u00e1lculo Excel .xls. Tambi\u00e9n conocido como SPR PRAD8E3HKR."
    }
  ],
  "id": "CVE-2011-1512",
  "lastModified": "2024-11-21T01:26:28.903",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-05-31T20:55:02.720",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/8263"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/518120/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67619"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/44624"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/518120/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/47962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14203"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-01-09 11:03

Modified

2024-11-21 00:05

Severity ?

Summary

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to "potential security issues" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4) GPKS5YQGPT in Security, or (5) HSAO6BNL6Y in the Web Server. NOTE: vector 3 is related to an issue in NROUTER in IBM Lotus Notes and Domino Server before 6.5.4 FP1, 6.5.5, and 7.0, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted vCal meeting request sent via SMTP (aka SPR# KSPR699NBP).

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/18328	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/20855	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1016390
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg27007054
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77eb898843aca8525709200001de1?OpenDocument&Highlight=0%2CJGAN6B6TZ3
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a1650d1a771f3078525702a00420def?OpenDocument&Highlight=0%2CHSAO6BNL6Y
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150fc9c5dec8b18525709200001da6?OpenDocument&Highlight=0%2CGPKS6C9J67
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab57a5b9547848525701b00420c2c?OpenDocument&Highlight=0%2CKSPR699NBP
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb1cbb011c747852570e4001ba9bb?OpenDocument&Highlight=0%2CGPKS5YQGPT
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe7cfd9a8113b8525709200001db4?OpenDocument&Highlight=0%2CGPKS6C9J67
cve@mitre.org	http://www.securityfocus.com/archive/1/438461/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/16158	Patch
cve@mitre.org	http://www.securityfocus.com/bid/18020
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0081	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2564	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24207
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24211
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27413
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18328	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20855	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016390
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg27007054
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77eb898843aca8525709200001de1?OpenDocument&Highlight=0%2CJGAN6B6TZ3
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a1650d1a771f3078525702a00420def?OpenDocument&Highlight=0%2CHSAO6BNL6Y
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150fc9c5dec8b18525709200001da6?OpenDocument&Highlight=0%2CGPKS6C9J67
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab57a5b9547848525701b00420c2c?OpenDocument&Highlight=0%2CKSPR699NBP
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb1cbb011c747852570e4001ba9bb?OpenDocument&Highlight=0%2CGPKS5YQGPT
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe7cfd9a8113b8525709200001db4?OpenDocument&Highlight=0%2CGPKS6C9J67
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/438461/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16158	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18020
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0081	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2564	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24207
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24211
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27413

Impacted products

Vendor	Product	Version
ibm	lotus_domino	6.5.0
ibm	lotus_domino	6.5.1
ibm	lotus_domino	6.5.2
ibm	lotus_domino	6.5.3
ibm	lotus_domino	6.5.4
ibm	lotus_domino	6.5.4
ibm	lotus_domino	6.5.4
ibm	lotus_domino_enterprise_server	6.5.2
ibm	lotus_domino_enterprise_server	6.5.4
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0766C3F9-D2A2-4A58-9FF7-11B57232DEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00B8057-26DF-4064-A934-0AA88A0C1A6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EFA5487-2D61-4E61-98A3-51882A8CE0C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95404CC-47B8-40C6-BCED-FC3E68CA8D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F342FD1-7A60-4E7D-B56A-E1C3D560C728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp1:*:*:*:*:*",
              "matchCriteriaId": "99E2CC18-4049-470A-B6DB-580C65FED0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "2396543F-1507-493C-B57F-3082D6E68894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_enterprise_server:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "40882B15-23A7-456C-B4DB-B1C7246BBC28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_enterprise_server:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3195CA-CB62-4AEF-AC8C-C985A372FD89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to \"potential security issues\" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4) GPKS5YQGPT in Security, or (5) HSAO6BNL6Y in the Web Server. NOTE: vector 3 is related to an issue in NROUTER in IBM Lotus Notes and Domino Server before 6.5.4 FP1, 6.5.5, and 7.0, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted vCal meeting request sent via SMTP (aka SPR# KSPR699NBP)."
    }
  ],
  "id": "CVE-2006-0119",
  "lastModified": "2024-11-21T00:05:41.547",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-01-09T11:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18328"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20855"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016390"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77eb898843aca8525709200001de1?OpenDocument\u0026Highlight=0%2CJGAN6B6TZ3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a1650d1a771f3078525702a00420def?OpenDocument\u0026Highlight=0%2CHSAO6BNL6Y"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150fc9c5dec8b18525709200001da6?OpenDocument\u0026Highlight=0%2CGPKS6C9J67"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab57a5b9547848525701b00420c2c?OpenDocument\u0026Highlight=0%2CKSPR699NBP"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb1cbb011c747852570e4001ba9bb?OpenDocument\u0026Highlight=0%2CGPKS5YQGPT"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe7cfd9a8113b8525709200001db4?OpenDocument\u0026Highlight=0%2CGPKS6C9J67"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/438461/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16158"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/18020"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0081"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2564"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24207"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24211"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20855"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016390"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77eb898843aca8525709200001de1?OpenDocument\u0026Highlight=0%2CJGAN6B6TZ3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a1650d1a771f3078525702a00420def?OpenDocument\u0026Highlight=0%2CHSAO6BNL6Y"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150fc9c5dec8b18525709200001da6?OpenDocument\u0026Highlight=0%2CGPKS6C9J67"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab57a5b9547848525701b00420c2c?OpenDocument\u0026Highlight=0%2CKSPR699NBP"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb1cbb011c747852570e4001ba9bb?OpenDocument\u0026Highlight=0%2CGPKS5YQGPT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe7cfd9a8113b8525709200001db4?OpenDocument\u0026Highlight=0%2CGPKS6C9J67"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/438461/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16158"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/18020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2564"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24207"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24211"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27413"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-12-28 21:46

Modified

2024-11-21 00:40

Severity ?

Summary

IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file.

References

URL	Tags
cve@mitre.org	http://osvdb.org/40933
cve@mitre.org	http://osvdb.org/40934
cve@mitre.org	http://secunia.com/advisories/27860	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1019009
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21289273
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4037
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/40933
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/40934
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27860	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019009
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21289273
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4037

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:linux:*:*:*:*:*",
              "matchCriteriaId": "462C77C4-A36A-40FD-880F-8ECF947823DF",
              "versionEndIncluding": "8.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file."
    },
    {
      "lang": "es",
      "value": "IBM Lotus Notes 8 para Linux anterior a 9.0.1 usa (1) permisos d\u00e9biles no especificados para el kit de instalaci\u00f3n obtenido a trav\u00e9s de la descarga de Notes 8 y (2) permisos 0777 para el archivo installdata que crea setup.sh, lo cual permite a usuarios locales obtener privilegios mediante un archivo troyano (Trojan horse file)."
    }
  ],
  "id": "CVE-2007-6594",
  "lastModified": "2024-11-21T00:40:31.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-12-28T21:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/40933"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/40934"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27860"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019009"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21289273"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/4037"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/40933"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/40934"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27860"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21289273"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4037"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-12-31 05:00

Modified

2024-11-20 23:52

Severity ?

Summary

Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/12046	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&q1=Java&uid=swg21173910&loc=en_US&cs=utf-8&lang=en	Patch
cve@mitre.org	http://www.osvdb.org/8416	Patch
cve@mitre.org	http://www.osvdb.org/8417	Patch
cve@mitre.org	http://www.securityfocus.com/bid/10704
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/12046	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&q1=Java&uid=swg21173910&loc=en_US&cs=utf-8&lang=en	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/8416	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/8417	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10704

Impacted products

Vendor	Product	Version
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3."
    }
  ],
  "id": "CVE-2004-2281",
  "lastModified": "2024-11-20T23:52:57.200",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12046"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/8416"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/8417"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/10704"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/8416"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/8417"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/10704"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-10-29 22:46

Modified

2024-11-21 00:35

Severity ?

Summary

Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=604
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=477&uid=swg21272930	Patch
cve@mitre.org	http://www.securityfocus.com/bid/26200	Patch
cve@mitre.org	http://www.securitytracker.com/id?1018857
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/37363
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=604
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=477&uid=swg21272930	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26200	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018857
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/37363

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61B72CC-BC8D-40AF-AE72-5A6EEFB53B10",
              "versionEndIncluding": "7.0.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en la funci\u00f3n TagAttributeListCopy en nnotes.dll de BM Lotus Notes versiones anteriores a 7.0.3 permite a atacantes remotos con la complicidad del usuario ejecutar c\u00f3digo de su elecci\u00f3n mediante  un correo electr\u00f3nico HTML manipulado, relativo a duplicar una conversi\u00f3n RTF cuando el destinatario opera con este correo electr\u00f3nico."
    }
  ],
  "id": "CVE-2007-4222",
  "lastModified": "2024-11-21T00:35:04.677",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-10-29T22:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=604"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21272930"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26200"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018857"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37363"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21272930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37363"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-07-21 04:00

Modified

2024-11-20 23:33

Severity ?

Summary

A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email.

References

URL	Tags
cve@mitre.org	http://www.kb.cert.org/vuls/id/5962	Exploit, Patch, Third Party Advisory, US Government Resource
cve@mitre.org	http://www.notes.net/R5FixList.nsf/Search%21SearchView&Query=CBAT45TU9S
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/5045
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/5962	Exploit, Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.notes.net/R5FixList.nsf/Search%21SearchView&Query=CBAT45TU9S
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/5045

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E321FE41-5FF3-4E79-BE77-AE96B92075C7",
              "versionEndIncluding": "5.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email."
    }
  ],
  "id": "CVE-2000-0891",
  "lastModified": "2024-11-20T23:33:30.733",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-07-21T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/5962"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.notes.net/R5FixList.nsf/Search%21SearchView\u0026Query=CBAT45TU9S"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/5962"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.notes.net/R5FixList.nsf/Search%21SearchView\u0026Query=CBAT45TU9S"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5045"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-04-29 17:30

Modified

2024-11-21 01:14

Severity ?

Summary

Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and possibly other versions, allows remote attackers to execute arbitrary code via unknown attack vectors, as demonstrated by the vd_ln module in VulnDisco 9.0. NOTE: as of 20100222, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/38622	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/38300
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/58322
cve@mitre.org	https://forum.immunityinc.com/board/thread/1161/vulndisco-9-0/
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14489
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38622	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38300
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/58322
af854a3a-2127-422b-91ae-364da2661108	https://forum.immunityinc.com/board/thread/1161/vulndisco-9-0/
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14489

Impacted products

Vendor	Product	Version
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and possibly other versions, allows remote attackers to execute arbitrary code via unknown attack vectors, as demonstrated by the vd_ln module in VulnDisco 9.0.  NOTE: as of 20100222, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en IBM Lotus Notes v8.5 y v8.5fp1, y posiblemente otras versiones, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores de ataque desconocidos, como lo demuestra el m\u00f3dulo vd_ln en VulnDisco v9.0. NOTA: a 22/02/2010, esta revelaci\u00f3n no tiene informaci\u00f3n de acciones concretas. Sin embargo, el autor es un investigador reconocido de VulnDisco, la incidencia tiene asignado un identificador CVE fines de seguimiento."
    }
  ],
  "id": "CVE-2010-1608",
  "lastModified": "2024-11-21T01:14:47.717",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-04-29T17:30:00.853",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38622"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/38300"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58322"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://forum.immunityinc.com/board/thread/1161/vulndisco-9-0/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14489"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58322"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://forum.immunityinc.com/board/thread/1161/vulndisco-9-0/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14489"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-01-09 11:03

Modified

2024-11-21 00:05

Severity ?

Summary

Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the SSL handshake (SPR# MKIN693QUT), and possibly other vectors. NOTE: due to insufficient information in the original vendor advisory, it is not clear whether there is an attacker role in other memory leaks that are specified in the advisory.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/18328	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg27007054
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/20f66e356a76c90f8525702a00420e08?OpenDocument&Highlight=0%2CMKIN67MQVW
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/2221243535d88a2b8525701b00420cd6?OpenDocument&Highlight=0%2CMKIN693QUT
cve@mitre.org	http://www.securityfocus.com/bid/16158	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0081
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24223
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18328	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg27007054
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/20f66e356a76c90f8525702a00420e08?OpenDocument&Highlight=0%2CMKIN67MQVW
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/2221243535d88a2b8525701b00420cd6?OpenDocument&Highlight=0%2CMKIN693QUT
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16158	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0081
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24223

Impacted products

Vendor	Product	Version
ibm	lotus_domino	6.5.0
ibm	lotus_domino	6.5.1
ibm	lotus_domino	6.5.2
ibm	lotus_domino	6.5.3
ibm	lotus_domino	6.5.4
ibm	lotus_domino	6.5.4
ibm	lotus_domino	6.5.4
ibm	lotus_domino_enterprise_server	6.5.2
ibm	lotus_domino_enterprise_server	6.5.4
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0766C3F9-D2A2-4A58-9FF7-11B57232DEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00B8057-26DF-4064-A934-0AA88A0C1A6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EFA5487-2D61-4E61-98A3-51882A8CE0C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95404CC-47B8-40C6-BCED-FC3E68CA8D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F342FD1-7A60-4E7D-B56A-E1C3D560C728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp1:*:*:*:*:*",
              "matchCriteriaId": "99E2CC18-4049-470A-B6DB-580C65FED0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "2396543F-1507-493C-B57F-3082D6E68894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_enterprise_server:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "40882B15-23A7-456C-B4DB-B1C7246BBC28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_enterprise_server:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3195CA-CB62-4AEF-AC8C-C985A372FD89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the SSL handshake (SPR# MKIN693QUT), and possibly other vectors. NOTE: due to insufficient information in the original vendor advisory, it is not clear whether there is an attacker role in other memory leaks that are specified in the advisory."
    }
  ],
  "id": "CVE-2006-0121",
  "lastModified": "2024-11-21T00:05:41.850",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-01-09T11:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18328"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/20f66e356a76c90f8525702a00420e08?OpenDocument\u0026Highlight=0%2CMKIN67MQVW"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/2221243535d88a2b8525701b00420cd6?OpenDocument\u0026Highlight=0%2CMKIN693QUT"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16158"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0081"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/20f66e356a76c90f8525702a00420e08?OpenDocument\u0026Highlight=0%2CMKIN67MQVW"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/2221243535d88a2b8525701b00420cd6?OpenDocument\u0026Highlight=0%2CMKIN693QUT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16158"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24223"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-07-09 04:00

Modified

2024-11-20 23:58

Severity ?

Summary

The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1014440
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1014440

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99CADAC9-376A-430B-B228-84F0FA401154",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies."
    }
  ],
  "id": "CVE-2005-2175",
  "lastModified": "2024-11-20T23:58:57.127",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-07-09T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1014440"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1014440"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-03-05 19:30

Modified

2024-11-21 01:06

Severity ?

Summary

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858	Exploit
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21440812
cve@mitre.org	http://www.securityfocus.com/bid/38468
cve@mitre.org	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21440812
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38468
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00

Impacted products

Vendor	Product	Version
ibm	lotus_notes	8.5
symantec	brightmail_gateway	8.0
symantec	data_loss_prevention_detection_servers	8.1.1
symantec	data_loss_prevention_detection_servers	8.1.1
symantec	data_loss_prevention_detection_servers	9.0.1
symantec	data_loss_prevention_detection_servers	9.0.1
symantec	data_loss_prevention_detection_servers	10.0
symantec	data_loss_prevention_detection_servers	10.0
symantec	data_loss_prevention_endpoint_agents	8.1.1
symantec	data_loss_prevention_endpoint_agents	9.0.1
symantec	data_loss_prevention_endpoint_agents	10.0
symantec	im_manager_2007	*
symantec	mail_security	5.0.0
symantec	mail_security	5.0.1.181
symantec	mail_security	5.0.1.182
symantec	mail_security	5.0.1.189
symantec	mail_security	5.0.11
symantec	mail_security	5.0.12
symantec	mail_security	5.0.13
symantec	mail_security	6.0.6
symantec	mail_security	6.0.7
symantec	mail_security	6.0.8
symantec	mail_security	7.5.3.25
symantec	mail_security	7.5.4.29
symantec	mail_security	7.5.5.32
symantec	mail_security	7.5.6
symantec	mail_security	7.5.7
symantec	mail_security	7.5.8
symantec	mail_security	8.0
symantec	mail_security	8.0.1
symantec	mail_security	8.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:brightmail_gateway:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EAF9163-1511-4424-8019-9868D0C4D0C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "D804B423-8990-497F-9FB8-86E3D06F4F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "6A13CD3B-0529-43E4-A4F8-96B5180B0DA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "5D92BC1D-E75F-420E-A2DB-DBFC07508A2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "ED4D0804-7AE2-45D6-AAD5-F70C14354BBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "7A06E56E-5DE3-4EA2-90BC-366EBC4283A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:windows:*:*:*:*:*",
              "matchCriteriaId": "F9EAB6C2-F8A1-42BD-A8C8-A8D7017606E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "14920820-3D26-4AC4-839E-531ABA6933A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA274AFE-D535-4683-964A-FBCBF2D1291E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA2A7B74-D51B-4A59-9A41-2963247C3C39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:im_manager_2007:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "526474D6-9084-4F53-9172-8C9C7BB5FE01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "868EFAF0-F5FA-46EB-99CC-19C1DAF06954",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.13:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "16BE9C8A-A8AF-43FF-B4D9-07F57E226385",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "0026CDBB-92E2-45DE-9637-F18224CE3E6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "12AC5934-DAC3-4866-B31F-71EC14F42CED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "A7604B25-6AA0-4814-A8D4-780811A247B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
              "matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*",
              "matchCriteriaId": "6EAB0E10-A62F-42DB-BA86-FBFCFCF0E13D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
              "matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*",
              "matchCriteriaId": "5D04308D-D372-4760-B67F-A25DEEDF52E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.7:*:domino:*:*:*:*:*",
              "matchCriteriaId": "F15656D0-F6A6-43EE-86AF-2263B49FFA75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5.8:*:domino:*:*:*:*:*",
              "matchCriteriaId": "5E8F8098-9697-4536-B8C6-6224D9A1C6F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*",
              "matchCriteriaId": "2ABC5ED9-168A-4420-9286-179345BD89DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:8.0.1:*:domino:*:*:*:*:*",
              "matchCriteriaId": "D6A7646A-74D8-4BA6-BE5C-06A55CB3CECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:8.0.2:*:domino:*:*:*:*:*",
              "matchCriteriaId": "6193ECEF-1412-4887-98FD-F37122897AC6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en kvolefio.dll v8.5.0.8339 y v10.5.0.0 en Autonomy KeyView Filter SDK, tal y como se utiliza en IBM Lotus Notes v8.5, Symantec Mail Security para Microsoft Exchange desde v5.0.10 hasta v5.0.13, y otros productos, permite a atacantes dependientes del contexto ejecutar codigo arbitrario a traves de documentos OLE que inicianun desbordamiento de memoria dinamica."
    }
  ],
  "id": "CVE-2009-3032",
  "lastModified": "2024-11-21T01:06:21.393",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-03-05T19:30:00.313",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/38468"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-12-31 05:00

Modified

2024-11-20 23:37

Severity ?

Summary

Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message.

References

▼	URL	Tags
	cve@mitre.org	http://www.securityfocus.com/archive/1/221986
	cve@mitre.org	http://www.securityfocus.com/archive/1/222212
	cve@mitre.org	http://www.securityfocus.com/bid/3458
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/7323
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/221986
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/222212
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/3458
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/7323

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	4.6
	ibm	lotus_notes	5.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A697B26-0600-416A-B0FA-BE031EB6D8A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message."
    }
  ],
  "id": "CVE-2001-1504",
  "lastModified": "2024-11-20T23:37:50.617",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/221986"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/222212"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/3458"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7323"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/221986"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/222212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/3458"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7323"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-11-10 01:07

Modified

2024-11-21 00:20

Severity ?

Summary

The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/22741	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1017203
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21248026	Patch
cve@mitre.org	http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf	Exploit, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/20960
cve@mitre.org	http://www.vupen.com/english/advisories/2006/4411
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/30118
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/22741	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017203
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21248026	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/20960
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4411
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/30118

Impacted products

Vendor	Product	Version
ibm	lotus_notes	5.0.3
ibm	lotus_notes	5.0.12
ibm	lotus_notes	6.0
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.4
ibm	lotus_notes	6.5.5
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4B2601-B62F-4235-BFFD-281235737450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "273DF27B-9441-4925-BD7E-5709D7D059EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file."
    },
    {
      "lang": "es",
      "value": "El protocolo de Notes Remote Procedure Call (NRPC) en el IBM Lotus Notes Domino en versiones anteriores a la 6.5.5 FP2 y 7.x antes de la 7.0.2 no requiere autenticaci\u00f3n para realizar b\u00fasqueda de usuarios, lo que permite a atacantes remotos la obtenci\u00f3n de los ficheros de identificaci\u00f3n (ID) de los usuarios."
    }
  ],
  "id": "CVE-2006-5835",
  "lastModified": "2024-11-21T00:20:45.053",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-11-10T01:07:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22741"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017203"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21248026"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/20960"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/4411"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30118"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/22741"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21248026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/20960"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/4411"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30118"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-10 02:46

Modified

2024-11-21 00:38

Severity ?

Summary

Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/27304	Patch, Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/3357
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html
cve@mitre.org	http://securitytracker.com/id?1018853
cve@mitre.org	http://securitytracker.com/id?1018886
cve@mitre.org	http://vuln.sg/lotusnotes702-en.html
cve@mitre.org	http://vuln.sg/lotusnotes702wpd-en.html
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111
cve@mitre.org	http://www.securityfocus.com/archive/1/482664
cve@mitre.org	http://www.securityfocus.com/bid/26175
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3596
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3697
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27304	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3357
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018853
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018886
af854a3a-2127-422b-91ae-364da2661108	http://vuln.sg/lotusnotes702-en.html
af854a3a-2127-422b-91ae-364da2661108	http://vuln.sg/lotusnotes702wpd-en.html
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/482664
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26175
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3596
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3697

Impacted products

Vendor	Product	Version
activepdf	docconverter	3.8.2_.5
autonomy	keyview_export_sdk	*
autonomy	keyview_filter_sdk	*
autonomy	keyview_viewer_sdk	*
ibm	lotus_notes	*
symantec	mail_security	5.0
symantec	mail_security	5.0
symantec	mail_security	5.0.0
symantec	mail_security	5.0.0.24
symantec	mail_security	5.0.1
symantec	mail_security	7.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:activepdf:docconverter:3.8.2_.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D165E31-F294-4F7E-959F-7AFE69AF90A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "872E3116-26DC-492D-94EA-7BE531299FF8",
              "versionEndIncluding": "9.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07FFE40A-6A96-4131-B537-8A4D8C1494AD",
              "versionEndIncluding": "9.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9E88061-F0E3-4CA9-8FCE-4B69FE4F3844",
              "versionEndIncluding": "9.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F61B72CC-BC8D-40AF-AE72-5A6EEFB53B10",
              "versionEndIncluding": "7.0.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:appliance:*:*:*:*:*",
              "matchCriteriaId": "0648861C-A58E-4103-8720-4480C2F098FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.24:*:appliance:*:*:*:*:*",
              "matchCriteriaId": "977786AB-A76C-4A1C-8999-BF4A5E08F8BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*",
              "matchCriteriaId": "7D29BE63-3E26-4136-BAB1-AA3D50BA71F5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en el Autonomy (antiguamente Verity) KeyView Viewer, en el Filter y en el Export SDK anterior al 9.2.0.12, como el utilizado en el ActivePDF DocConverter, en el wp6sr.dll del IBM Lotus Notes 8.0 y anteriores al 7.0.3, en el Symantec Mail Security y en otros productos, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero modificado de WordPerfect (WPD)."
    }
  ],
  "id": "CVE-2007-5910",
  "lastModified": "2024-11-21T00:38:55.483",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-11-10T02:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27304"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3357"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018853"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018886"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://vuln.sg/lotusnotes702-en.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://vuln.sg/lotusnotes702wpd-en.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/482664"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26175"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3596"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3357"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018853"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018886"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://vuln.sg/lotusnotes702-en.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://vuln.sg/lotusnotes702wpd-en.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/482664"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3697"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-04-11 01:19

Modified

2024-11-21 00:29

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843.

References

URL	Tags
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=477&uid=swg21247201	Vendor Advisory
cve@mitre.org	http://www.intrinsec.com/Advisory_DWA_XSS_200704.txt
cve@mitre.org	http://www.securityfocus.com/bid/23421
cve@mitre.org	http://www.securitytracker.com/id?1017870	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=477&uid=swg21247201	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.intrinsec.com/Advisory_DWA_XSS_200704.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/23421
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1017870	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	lotus_notes	6.5.5
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la caracter\u00edstica Active Content Filter de Domino Web Access (DWA) en IBM Lotus Notes anterior a 6.5.6 y 7.x anterior a 7.0.2 FP1 permite a atacantes remotos  inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante un mensaje de correo electr\u00f3nico del tipo multipart/related, un asunto diferente que CVE-2006-4843."
    }
  ],
  "id": "CVE-2007-1941",
  "lastModified": "2024-11-21T00:29:30.920",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-04-11T01:19:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21247201"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.intrinsec.com/Advisory_DWA_XSS_200704.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/23421"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securitytracker.com/id?1017870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21247201"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.intrinsec.com/Advisory_DWA_XSS_200704.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/23421"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securitytracker.com/id?1017870"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-01-09 11:03

Modified

2024-11-21 00:05

Severity ?

Summary

Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving "CD to MIME Conversion".

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/18328	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg27007054
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument
cve@mitre.org	http://www.securityfocus.com/bid/16158	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0081
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24205
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18328	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg27007054
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16158	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0081
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24205

Impacted products

Vendor	Product	Version
ibm	lotus_domino	6.5.0
ibm	lotus_domino	6.5.1
ibm	lotus_domino	6.5.2
ibm	lotus_domino	6.5.3
ibm	lotus_domino	6.5.4
ibm	lotus_domino	6.5.4
ibm	lotus_domino	6.5.4
ibm	lotus_domino_enterprise_server	6.5.2
ibm	lotus_domino_enterprise_server	6.5.4
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0766C3F9-D2A2-4A58-9FF7-11B57232DEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00B8057-26DF-4064-A934-0AA88A0C1A6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EFA5487-2D61-4E61-98A3-51882A8CE0C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95404CC-47B8-40C6-BCED-FC3E68CA8D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F342FD1-7A60-4E7D-B56A-E1C3D560C728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp1:*:*:*:*:*",
              "matchCriteriaId": "99E2CC18-4049-470A-B6DB-580C65FED0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "2396543F-1507-493C-B57F-3082D6E68894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_enterprise_server:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "40882B15-23A7-456C-B4DB-B1C7246BBC28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_enterprise_server:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3195CA-CB62-4AEF-AC8C-C985A372FD89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving \"CD to MIME Conversion\"."
    }
  ],
  "id": "CVE-2006-0117",
  "lastModified": "2024-11-21T00:05:41.260",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-01-09T11:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18328"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16158"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0081"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24205"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16158"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24205"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-04-20 22:02

Modified

2024-11-21 00:10

Severity ?

Summary

The "Add Sender to Address Book" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient.

References

▼	URL	Tags
	cve@mitre.org	http://securitytracker.com/id?1015914
	cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21232945
	af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015914
	af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21232945

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	6.0
	ibm	lotus_notes	6.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The \"Add Sender to Address Book\" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient."
    }
  ],
  "id": "CVE-2006-1948",
  "lastModified": "2024-11-21T00:10:09.913",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2006-04-20T22:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015914"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21232945"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015914"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21232945"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-04-20 15:30

Modified

2024-11-21 01:14

Severity ?

Summary

IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/39507	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21427073
cve@mitre.org	http://www.securityfocus.com/bid/39525
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14725
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/39507	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21427073
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/39525
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14725

Impacted products

Vendor	Product	Version
ibm	lotus_notes	7.0
ibm	lotus_notes	8.0
ibm	lotus_notes	8.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG."
    },
    {
      "lang": "es",
      "value": "IBM Lotus Notes v7.0, v8.0, y v8.5 almacena credenciales administrativas en cleartext en SURunAs.exe, lo que permite a usuarios locales obtener informaci\u00f3n sensible examinando ese archivo, conocido como SPR JSTN837SEG."
    }
  ],
  "id": "CVE-2010-1487",
  "lastModified": "2024-11-21T01:14:31.700",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-04-20T15:30:00.710",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/39507"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21427073"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/39525"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/39507"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21427073"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/39525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14725"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-01-11 00:55

Modified

2024-11-21 01:43

Severity ?

Summary

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method."

References

URL	Tags
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1465.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
psirt@us.ibm.com	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51326	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51327	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51328	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51393	Third Party Advisory
psirt@us.ibm.com	http://secunia.com/advisories/51634	Third Party Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/78764	Third Party Advisory, VDB Entry
psirt@us.ibm.com	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1465.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1466.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/bugtraq/2012/Sep/38	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51326	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51327	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51328	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51393	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51634	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/55495	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/78764	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	java	*
ibm	java	*
ibm	java	*
ibm	java	*
ibm	lotus_domino	8.0
ibm	lotus_domino	8.0.1
ibm	lotus_domino	8.0.2
ibm	lotus_domino	8.0.2.1
ibm	lotus_domino	8.0.2.2
ibm	lotus_domino	8.0.2.3
ibm	lotus_domino	8.0.2.4
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_notes	8.0
ibm	lotus_notes	8.0.0
ibm	lotus_notes	8.0.1
ibm	lotus_notes	8.0.2
ibm	lotus_notes	8.0.2.0
ibm	lotus_notes	8.0.2.1
ibm	lotus_notes	8.0.2.2
ibm	lotus_notes	8.0.2.3
ibm	lotus_notes	8.0.2.4
ibm	lotus_notes	8.0.2.5
ibm	lotus_notes	8.0.2.6
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.4
ibm	lotus_notes_sametime	8.0.80407
ibm	lotus_notes_sametime	8.0.80822
ibm	lotus_notes_sametime	8.5.1.20100709-1631
ibm	lotus_notes_traveler	8.0
ibm	lotus_notes_traveler	8.0.1
ibm	lotus_notes_traveler	8.0.1.2
ibm	lotus_notes_traveler	8.0.1.3
ibm	lotus_notes_traveler	8.5.0.0
ibm	lotus_notes_traveler	8.5.0.1
ibm	lotus_notes_traveler	8.5.0.2
ibm	lotus_notes_traveler	8.5.1.1
ibm	lotus_notes_traveler	8.5.1.2
ibm	lotus_notes_traveler	8.5.1.3
ibm	lotus_notes_traveler	8.5.2.1
ibm	lotus_notes_traveler	8.5.3
ibm	lotus_notes_traveler	8.5.3.1
ibm	lotus_notes_traveler	8.5.3.2
ibm	lotus_notes_traveler	8.5.3.3
ibm	lotus_notes_traveler	8.5.3.3
ibm	rational_change	4.7
ibm	rational_change	5.1
ibm	rational_change	5.2
ibm	rational_change	5.3
ibm	rational_host_on-demand	1.6.0.12
ibm	rational_host_on-demand	8.0.8.0
ibm	rational_host_on-demand	9.0.8.0
ibm	rational_host_on-demand	10.0.9.0
ibm	rational_host_on-demand	10.0.10.0
ibm	rational_host_on-demand	11.0.3.0
ibm	rational_host_on-demand	11.0.4.0
ibm	rational_host_on-demand	11.0.5.0
ibm	rational_host_on-demand	11.0.5.1
ibm	rational_host_on-demand	11.0.6.0
ibm	rational_host_on-demand	11.0.6.1
ibm	service_delivery_manager	7.2.1.0
ibm	service_delivery_manager	7.2.2.0
ibm	smart_analytics_system_5600_software	-
ibm	smart_analytics_system_5600_software	9.7
ibm	tivoli_monitoring	6.1.0
ibm	tivoli_monitoring	6.1.0.7
ibm	tivoli_monitoring	6.2.0
ibm	tivoli_monitoring	6.2.0.1
ibm	tivoli_monitoring	6.2.0.2
ibm	tivoli_monitoring	6.2.0.3
ibm	tivoli_monitoring	6.2.1
ibm	tivoli_monitoring	6.2.1.0
ibm	tivoli_monitoring	6.2.1.1
ibm	tivoli_monitoring	6.2.1.2
ibm	tivoli_monitoring	6.2.1.3
ibm	tivoli_monitoring	6.2.1.4
ibm	tivoli_monitoring	6.2.2
ibm	tivoli_monitoring	6.2.2.0
ibm	tivoli_monitoring	6.2.2.1
ibm	tivoli_monitoring	6.2.2.2
ibm	tivoli_monitoring	6.2.2.3
ibm	tivoli_monitoring	6.2.2.4
ibm	tivoli_monitoring	6.2.2.5
ibm	tivoli_monitoring	6.2.2.6
ibm	tivoli_monitoring	6.2.2.7
ibm	tivoli_monitoring	6.2.2.8
ibm	tivoli_monitoring	6.2.2.9
ibm	tivoli_monitoring	6.2.3
ibm	tivoli_monitoring	6.2.3.0
ibm	tivoli_monitoring	6.2.3.1
ibm	tivoli_monitoring	6.2.3.2
ibm	tivoli_remote_control	5.1.2
ibm	websphere_real_time	2.0
ibm	websphere_real_time	3.0
tivoli_storage_productivity_center	5.0	*
tivoli_storage_productivity_center	5.1	*
tivoli_storage_productivity_center	5.1.1	*
ibm	smart_analytics_system_5600	7200

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
              "versionEndIncluding": "1.4.2.13.13",
              "versionStartIncluding": "1.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
              "versionEndIncluding": "5.0.14.0",
              "versionStartIncluding": "5.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
              "versionEndIncluding": "6.0.11.0",
              "versionStartIncluding": "6.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
              "versionEndIncluding": "7.0.2.0",
              "versionStartIncluding": "7.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
              "matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
              "matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to \"insecure use of the java.lang.reflect.Method invoke() method.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente JRE en IBM Java 7 SR2 y anteriores, Java v6.0.1 SR3 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores; como las usadas en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, y Service Deliver Manager; y otros productos de otros vendedores como Red Hat, ejecutandose en un gestor de seguridad, permite a atacantes remotos obtener privilegios modificando o eliminando el gestor de seguridad a trav\u00e9s de vectores relacionados con \"uso inseguro del m\u00e9todo java.lang.reflect.Method invoke()\""
    }
  ],
  "id": "CVE-2012-4820",
  "lastModified": "2024-11-21T01:43:33.500",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2013-01-11T00:55:00.963",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51328"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51393"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/bugtraq/2012/Sep/38"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51326"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51327"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51393"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/51634"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/55495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-10-29 21:46

Modified

2024-11-21 00:38

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/27321	Broken Link, Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21257030	Broken Link, Patch
cve@mitre.org	http://www.securityfocus.com/bid/26146	Broken Link, Third Party Advisory, VDB Entry
cve@mitre.org	http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt	Not Applicable
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3598	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27321	Broken Link, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21257030	Broken Link, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26146	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3598	Permissions Required

Impacted products

Vendor	Product	Version
ibm	lotus_domino	*
ibm	lotus_domino	*
ibm	lotus_domino	6.5.5
ibm	lotus_domino	7.0.2
ibm	lotus_notes	*
ibm	lotus_notes	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED2E3AB3-15AF-42F8-9AAC-8A7D3C553474",
              "versionEndExcluding": "6.5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34C250E2-C8A3-4160-85E2-5DAFADFC2507",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "6ADFA292-0E8C-489E-9D97-99996D3EB626",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:7.0.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "EF980FE0-9048-4EB3-A520-462C9419EFF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A19CCBD6-5626-4250-97A3-FDBBB6B67A66",
              "versionEndIncluding": "6.5.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A30DAD9B-D09E-4011-A7B2-8F1E401DFE5F",
              "versionEndExcluding": "7.0.3",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session."
    },
    {
      "lang": "es",
      "value": "IBM Lotus Notes versiones anteriores 6.5.6, y 7.x versiones anteriores a 7.0.3; y Domino versiones anteriores 6.5.5 FP3, y 7.x versiones anteriores 7.0.2 FP1; utiliza permisos d\u00e9biles (Control Total:Todos) para ficheros mapeados en memoria (memoria compartida) en IPC, lo cual permite a usuarios locales obtener informaci\u00f3n confidencial, o inyectar Lotus Script u otras secuencias de caracteres en una sesi\u00f3n."
    }
  ],
  "id": "CVE-2007-5544",
  "lastModified": "2024-11-21T00:38:09.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2007-10-29T21:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27321"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257030"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/26146"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3598"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27321"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/26146"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/3598"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-04-10 18:05

Modified

2024-11-21 00:39

Severity ?

Summary

Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file.

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/27763	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28140	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28209	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/28210	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/29342	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-104/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-105/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-106/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2007-107/advisory/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://securitytracker.com/id?1019805
PSIRT-CNA@flexerasoftware.com	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490827/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490829/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490830/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/490831/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/28454
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1019841
PSIRT-CNA@flexerasoftware.com	http://www.symantec.com/avcenter/security/Content/2008.04.08e.html
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1153
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1154
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2008/1156
PSIRT-CNA@flexerasoftware.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/41716
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27763	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28140	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28209	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28210	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29342	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-104/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-105/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-106/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2007-107/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019805
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490827/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490829/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490830/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/490831/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/28454
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019841
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/avcenter/security/Content/2008.04.08e.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1153
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1154
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1156
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41716

Impacted products

Vendor	Product	Version
activepdf	docconverter	3.8.4.0
autonomy	keyview	2.0.0.2
autonomy	keyview	10.3.0.0
ibm	lotus_notes	6.0
ibm	lotus_notes	6.5
ibm	lotus_notes	7.0
ibm	lotus_notes	7.0.2
ibm	lotus_notes	7.0.3
symantec	mail_security	5.0
symantec	mail_security	5.0.0
symantec	mail_security	5.0.1
symantec	mail_security	7.5
symantec	mail_security_appliance	5.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:activepdf:docconverter:3.8.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4286B71-18BA-4BC0-9E2C-6D00A24974E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:2.0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6634684-2416-4A5C-A5C7-B1E946B33419",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview:10.3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "589D3BC2-ED1F-4C5B-8F94-67AE1909580D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3449A490-865A-4262-8482-429DEF455644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
              "matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
              "matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security:7.5:*:domino:*:*:*:*:*",
              "matchCriteriaId": "7D29BE63-3E26-4136-BAB1-AA3D50BA71F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:mail_security_appliance:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA92128-13DD-47D8-8822-23C4CDDFB715",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en foliosr.dll en el lector r\u00e1pido Folio Flat File de Autonomy (anteriormente Verity) KeyView 10.3.0.0, usado por IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, permiten a atacentes remotos ejecutar c\u00f3digo de su elecci\u00f3na trav\u00e9s de un valor largo en los atributos de las etiquetas (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS en un fichero .fff."
    }
  ],
  "id": "CVE-2007-6020",
  "lastModified": "2024-11-21T00:39:11.773",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-04-10T18:05:00.000",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27763"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28140"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29342"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-104/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-105/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-106/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-107/advisory/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://securitytracker.com/id?1019805"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490827/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490829/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490830/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/490831/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1019841"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1154"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27763"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28209"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29342"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-104/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-105/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-106/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2007-107/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490827/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490829/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490830/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/490831/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/28454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019841"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1156"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2012-09-07 10:32

Modified

2024-11-21 01:22

Severity ?

Summary

Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges via a Trojan horse (1) nnoteswc.dll or (2) nlsxbe.dll file in the current working directory, as demonstrated by a directory that contains a .vcf, .vcs, or .ics file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References

▼	URL	Tags
	cve@mitre.org	http://secunia.com/advisories/41223	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41223	Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	lotus_notes	8.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges via a Trojan horse (1) nnoteswc.dll or (2) nlsxbe.dll file in the current working directory, as demonstrated by a directory that contains a .vcf, .vcs, or .ics file.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de path de b\u00fasqueda no confiable en IBM Lotus Notes v8.5, podr\u00eda permitir a usuario locales obtener privilegios a trav\u00e9s de un fichero (1) nnoteswc.dll o (2) nlsxbe.dll troyanizados en el directorio de trabajo actual, como se demostr\u00f3 mediante un directorio que conten\u00eda ficheros .vcf, .vcs, o .ics. NOTA: La procedencia de esta informaci\u00f3n es desconocida. Algunos de estos detalles se han obtenido de terceros."
    }
  ],
  "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html \u0027CWE-426 Untrusted Search Path\u0027",
  "id": "CVE-2010-5251",
  "lastModified": "2024-11-21T01:22:51.800",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-09-07T10:32:22.447",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41223"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41223"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-02-21 01:44

Modified

2024-11-21 00:43

Severity ?

Summary

IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection.

References

▼	URL	Tags
	cve@mitre.org	http://secunia.com/advisories/29031
	cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21257250
	cve@mitre.org	http://www.vupen.com/english/advisories/2008/0600/references
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29031
	af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21257250
	af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0600/references

Impacted products

Vendor	Product	Version
ibm	lotus_notes	6.0
ibm	lotus_notes	6.5
ibm	lotus_notes	7.0
ibm	lotus_notes	8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection."
    },
    {
      "lang": "es",
      "value": "IBM Lotus Notes 6.0, 6.5, 7.0, y 8.0 firma un applet sin asignaci\u00f3n cuando un usuario reenv\u00eda un correo a otro, que permite a atacantes remotos asistidos por el usuario evitar la protecci\u00f3n Execution Control List (ECL."
    }
  ],
  "id": "CVE-2008-0862",
  "lastModified": "2024-11-21T00:43:05.863",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-02-21T01:44:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/29031"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257250"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/0600/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257250"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/0600/references"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-20 23:59

Severity ?

Summary

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll).

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/16100	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/16280	Patch, Vendor Advisory
cve@mitre.org	http://secunia.com/secunia_research/2005-32/advisory/	Vendor Advisory
cve@mitre.org	http://secunia.com/secunia_research/2005-34/advisory/	Vendor Advisory
cve@mitre.org	http://secunia.com/secunia_research/2005-36/advisory/	Vendor Advisory
cve@mitre.org	http://secunia.com/secunia_research/2005-37/advisory/	Vendor Advisory
cve@mitre.org	http://secunia.com/secunia_research/2005-66/advisory/	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1015657	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918	Patch
cve@mitre.org	http://www.kb.cert.org/vuls/id/884076	Third Party Advisory, US Government Resource
cve@mitre.org	http://www.osvdb.org/23064	Patch
cve@mitre.org	http://www.osvdb.org/23065	Patch
cve@mitre.org	http://www.osvdb.org/23066	Patch
cve@mitre.org	http://www.osvdb.org/23067	Patch
cve@mitre.org	http://www.osvdb.org/23068	Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/424626/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/424666/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/424689/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/424692/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/16576
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0500
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0501	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24635
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24636
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24638
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24639
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/16100	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/16280	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2005-32/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2005-34/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2005-36/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2005-37/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2005-66/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015657	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/884076	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/23064	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/23065	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/23066	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/23067	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/23068	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/424626/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/424666/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/424689/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/424692/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16576
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0500
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0501	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24635
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24636
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24638
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24639

Impacted products

Vendor	Product	Version
autonomy	keyview_export_sdk	*
autonomy	keyview_filter_sdk	*
autonomy	keyview_viewer_sdk	*
ibm	lotus_notes	6.0.1
ibm	lotus_notes	6.0.2
ibm	lotus_notes	6.0.3
ibm	lotus_notes	6.0.4
ibm	lotus_notes	6.0.5
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.4
ibm	lotus_notes	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_export_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4CD7AAC-E4E2-47E4-A34D-47C670FA6254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_filter_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "754BD2C9-2100-4B21-B164-47487434D9E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autonomy:keyview_viewer_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B6DDCD8-B9AD-4757-A067-CF99372D7326",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "55D037CC-1207-48E2-882E-8B236EE7138F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5059BEF2-84EB-4B5F-84F5-9E3200B068F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB71B7AA-957B-46A6-9BC9-CE23EC721189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "46CF28C0-51AD-4783-B1F0-205DF64D133A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C0015A2-A70E-4B0C-B59A-44F5F611293D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll)."
    }
  ],
  "id": "CVE-2005-2618",
  "lastModified": "2024-11-20T23:59:58.797",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16100"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16280"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-32/advisory/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-34/advisory/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-36/advisory/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-37/advisory/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-66/advisory/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015657"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/884076"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23064"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23065"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23066"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23067"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23068"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/424626/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/424666/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/424689/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/424692/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/16576"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0500"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0501"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24635"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24636"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24638"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24639"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16100"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/16280"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-32/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-34/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-36/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-37/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-66/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015657"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/884076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23066"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/23068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/424626/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/424666/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/424689/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/424692/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/16576"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0500"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24635"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24638"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24639"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2014-04-23 19:55

Modified

2024-11-21 02:02

Severity ?

Summary

IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21670264	Vendor Advisory
psirt@us.ibm.com	http://www.kb.cert.org/vuls/id/350089	US Government Resource
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/91286
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21670264	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/350089	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/91286

Impacted products

Vendor	Product	Version
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1
ibm	lotus_domino	8.5.1.2
ibm	lotus_domino	8.5.1.3
ibm	lotus_domino	8.5.1.4
ibm	lotus_domino	8.5.1.5
ibm	lotus_domino	8.5.2.0
ibm	lotus_domino	8.5.2.1
ibm	lotus_domino	8.5.2.2
ibm	lotus_domino	8.5.2.3
ibm	lotus_domino	8.5.2.4
ibm	lotus_domino	8.5.3.0
ibm	lotus_domino	8.5.3.1
ibm	lotus_domino	8.5.3.2
ibm	lotus_domino	8.5.3.3
ibm	lotus_domino	8.5.3.4
ibm	lotus_domino	8.5.3.5
ibm	lotus_domino	8.5.3.6
ibm	lotus_domino	9.0.0.0
ibm	lotus_domino	9.0.1.0
linux	linux_kernel	*
ibm	lotus_notes	8.5
ibm	lotus_notes	8.5.0.0
ibm	lotus_notes	8.5.0.1
ibm	lotus_notes	8.5.1
ibm	lotus_notes	8.5.1.0
ibm	lotus_notes	8.5.1.1
ibm	lotus_notes	8.5.1.2
ibm	lotus_notes	8.5.1.3
ibm	lotus_notes	8.5.1.4
ibm	lotus_notes	8.5.1.5
ibm	lotus_notes	8.5.2.0
ibm	lotus_notes	8.5.2.1
ibm	lotus_notes	8.5.2.2
ibm	lotus_notes	8.5.2.3
ibm	lotus_notes	8.5.3
ibm	lotus_notes	8.5.3.1
ibm	lotus_notes	8.5.3.2
ibm	lotus_notes	8.5.3.3
ibm	lotus_notes	8.5.3.4
ibm	lotus_notes	8.5.3.5
ibm	lotus_notes	8.5.3.6
ibm	lotus_notes	9.0.0.0
ibm	lotus_notes	9.0.1.0
linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC1A8676-B2CA-49FF-A43E-EAC62170BF82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "71ADC0C5-36E9-426E-B302-56804B1800BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "24863689-9472-4C56-B3A8-3053494437C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B19F27-E6EE-41AA-937D-173E592A9278",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7025B610-6988-4A78-B0ED-6FB728AA6C28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:9.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA3B3D5F-EB63-4ABA-8A27-BD654422DA54",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DBDF9A3-CFB2-42B3-B125-93B8A36E0ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9991C0A7-EF7B-48AF-BB7B-B54A1F2AB99E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F3203D4-354C-46B2-B68C-5B23CDD5146B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9AE476E-4245-4136-A713-4E725B53CD86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:9.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "234A9059-B0DE-4BEB-ADC4-76F906D86ECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:9.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A53C163-AA20-4228-8BE4-58E22F742557",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W."
    },
    {
      "lang": "es",
      "value": "IBM Notes y Domino 8.5.x anterior a 8.5.3 FP6 IF3 y 9.x anterior a 9.0.1 FP1 en plataformas de 32-bit de Linux utilizan opciones gcc incorrectas, lo que facilita a atacantes remotos ejecutar c\u00f3digo arbitrario mediante el aprovechamiento de la ausencia del mecanismo de protecci\u00f3n NX y la colocaci\u00f3n de c\u00f3digo x86 manipulado en la pila, tambi\u00e9n conocido como SPR KLYH9GGS9W."
    }
  ],
  "id": "CVE-2014-0892",
  "lastModified": "2024-11-21T02:02:59.523",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-04-23T19:55:05.173",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670264"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/350089"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91286"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670264"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/350089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91286"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-01-09 11:03

Modified

2024-11-21 00:05

Severity ?

Summary

Unspecified vulnerability in IBM Lotus Notes and Domino Server before 6.5.5, when running on AIX, allows attackers to cause a denial of service (deep recursion leading to stack overflow and crash) via long formulas.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/18328	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg27007054
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument
cve@mitre.org	http://www.securityfocus.com/bid/16158	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0081
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24206
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18328	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg27007054
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16158	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0081
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24206

Impacted products

Vendor	Product	Version
ibm	lotus_domino	6.5.0
ibm	lotus_domino	6.5.1
ibm	lotus_domino	6.5.2
ibm	lotus_domino	6.5.3
ibm	lotus_domino	6.5.4
ibm	lotus_domino	6.5.4
ibm	lotus_domino	6.5.4
ibm	lotus_domino_enterprise_server	6.5.2
ibm	lotus_domino_enterprise_server	6.5.4
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0766C3F9-D2A2-4A58-9FF7-11B57232DEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00B8057-26DF-4064-A934-0AA88A0C1A6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EFA5487-2D61-4E61-98A3-51882A8CE0C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95404CC-47B8-40C6-BCED-FC3E68CA8D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F342FD1-7A60-4E7D-B56A-E1C3D560C728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp1:*:*:*:*:*",
              "matchCriteriaId": "99E2CC18-4049-470A-B6DB-580C65FED0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "2396543F-1507-493C-B57F-3082D6E68894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_enterprise_server:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "40882B15-23A7-456C-B4DB-B1C7246BBC28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_enterprise_server:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3195CA-CB62-4AEF-AC8C-C985A372FD89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in IBM Lotus Notes and Domino Server before 6.5.5, when running on AIX, allows attackers to cause a denial of service (deep recursion leading to stack overflow and crash) via long formulas."
    }
  ],
  "id": "CVE-2006-0118",
  "lastModified": "2024-11-21T00:05:41.397",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-01-09T11:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18328"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16158"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0081"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24206"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16158"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24206"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-20 23:59

Severity ?

Summary

IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the "Notes" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/19537	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/27342	Vendor Advisory
cve@mitre.org	http://secunia.com/secunia_research/2005-29/advisory/	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1017086
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21246773
cve@mitre.org	http://www.kb.cert.org/vuls/id/383092	US Government Resource
cve@mitre.org	http://www.osvdb.org/29761
cve@mitre.org	http://www.securityfocus.com/archive/1/449126/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/20612
cve@mitre.org	http://www.vupen.com/english/advisories/2006/4093	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/29660
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19537	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27342	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2005-29/advisory/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1017086
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21246773
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/383092	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/29761
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/449126/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/20612
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/4093	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/29660

Impacted products

Vendor	Product	Version
ibm	lotus_notes	6.5.4
ibm	lotus_notes	6.5.5
ibm	lotus_notes	7.0.0
ibm	lotus_notes	7.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63D40DF-C6F3-4502-9816-939265F10532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "957BA698-9D48-4906-9FF3-584927C978B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "94646433-DE15-4214-9C78-7D1DAB5A12D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the \"Notes\" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder."
    }
  ],
  "evaluatorSolution": "Update to version 7.0.2.",
  "id": "CVE-2005-2454",
  "lastModified": "2024-11-20T23:59:35.500",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19537"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27342"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-29/advisory/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1017086"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21246773"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/383092"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/29761"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/449126/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/20612"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4093"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29660"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19537"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27342"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2005-29/advisory/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1017086"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21246773"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/383092"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/29761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/449126/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/20612"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/4093"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29660"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-01-09 11:03

Modified

2024-11-21 00:05

Severity ?

Summary

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an "Out Of Office" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3) malformed bitmap images (MYAA6FH5HW), (4) the "Delete Attachment" action (YPHG6844LD), (5) parsing certificates from a remote Certificate Table (AELE6DZFJW), and (6) creating a SSL key ring with the Domino Administration client (NSUA4FQPTN).

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/18328	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg27007054
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/258394eaa824f2c08525708a004209d3?OpenDocument
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/040482aeb1416bb7852570e4001badd6?OpenDocument
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f466a9e986ae852570e4001babbb?OpenDocument
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a1f266afb26c852570e4001baf5e?OpenDocument
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/5f166a44ee743b2c852570e4001baf31?OpenDocument
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ad0dd14aa109f96b852570e4001bb08c?OpenDocument
cve@mitre.org	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ced5f873baea4e8b852570e4001baa6d?OpenDocument
cve@mitre.org	http://www.securityfocus.com/bid/16158	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0081
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24212
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24213
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24214
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24215
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24216
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24217
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18328	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg27007054
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/258394eaa824f2c08525708a004209d3?OpenDocument
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/040482aeb1416bb7852570e4001badd6?OpenDocument
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f466a9e986ae852570e4001babbb?OpenDocument
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a1f266afb26c852570e4001baf5e?OpenDocument
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/5f166a44ee743b2c852570e4001baf31?OpenDocument
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ad0dd14aa109f96b852570e4001bb08c?OpenDocument
af854a3a-2127-422b-91ae-364da2661108	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ced5f873baea4e8b852570e4001baa6d?OpenDocument
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16158	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0081
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24212
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24213
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24214
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24215
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24216
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24217

Impacted products

Vendor	Product	Version
ibm	lotus_domino	6.5.0
ibm	lotus_domino	6.5.1
ibm	lotus_domino	6.5.2
ibm	lotus_domino	6.5.3
ibm	lotus_domino	6.5.4
ibm	lotus_domino	6.5.4
ibm	lotus_domino	6.5.4
ibm	lotus_domino_enterprise_server	6.5.2
ibm	lotus_domino_enterprise_server	6.5.4
ibm	lotus_notes	6.5
ibm	lotus_notes	6.5.1
ibm	lotus_notes	6.5.2
ibm	lotus_notes	6.5.3
ibm	lotus_notes	6.5.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0766C3F9-D2A2-4A58-9FF7-11B57232DEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00B8057-26DF-4064-A934-0AA88A0C1A6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EFA5487-2D61-4E61-98A3-51882A8CE0C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95404CC-47B8-40C6-BCED-FC3E68CA8D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F342FD1-7A60-4E7D-B56A-E1C3D560C728",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp1:*:*:*:*:*",
              "matchCriteriaId": "99E2CC18-4049-470A-B6DB-580C65FED0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:6.5.4:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "2396543F-1507-493C-B57F-3082D6E68894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_enterprise_server:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "40882B15-23A7-456C-B4DB-B1C7246BBC28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_enterprise_server:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D3195CA-CB62-4AEF-AC8C-C985A372FD89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94927A9-61FD-459F-9A6D-E581A4AF505C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3B32BA2-9EB7-4294-A857-226A5B1CC401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF64CA16-6C20-42E1-BA68-BD63A873BFA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D7DD7B-CA90-44A5-9B7B-4A4985150689",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an \"Out Of Office\" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3) malformed bitmap images (MYAA6FH5HW), (4) the \"Delete Attachment\" action (YPHG6844LD), (5) parsing certificates from a remote Certificate Table (AELE6DZFJW), and (6) creating a SSL key ring with the Domino Administration client (NSUA4FQPTN)."
    }
  ],
  "id": "CVE-2006-0120",
  "lastModified": "2024-11-21T00:05:41.703",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-01-09T11:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18328"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/258394eaa824f2c08525708a004209d3?OpenDocument"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/040482aeb1416bb7852570e4001badd6?OpenDocument"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f466a9e986ae852570e4001babbb?OpenDocument"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a1f266afb26c852570e4001baf5e?OpenDocument"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/5f166a44ee743b2c852570e4001baf31?OpenDocument"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ad0dd14aa109f96b852570e4001bb08c?OpenDocument"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ced5f873baea4e8b852570e4001baa6d?OpenDocument"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16158"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0081"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24212"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24213"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24214"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24215"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24216"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18328"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/258394eaa824f2c08525708a004209d3?OpenDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/040482aeb1416bb7852570e4001badd6?OpenDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f466a9e986ae852570e4001babbb?OpenDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a1f266afb26c852570e4001baf5e?OpenDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/5f166a44ee743b2c852570e4001baf31?OpenDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ad0dd14aa109f96b852570e4001bb08c?OpenDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ced5f873baea4e8b852570e4001baa6d?OpenDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16158"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24213"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24214"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24215"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24217"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-12-28 21:46

Modified

2024-11-21 00:40

Severity ?

Summary

Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909.

References

URL	Tags
cve@mitre.org	http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058680.html
cve@mitre.org	http://secunia.com/advisories/27835	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/27836	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/27849	Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/3499
cve@mitre.org	http://securitytracker.com/id?1019002
cve@mitre.org	http://www.coresecurity.com/index.php5?action=item&id=2008
cve@mitre.org	http://www.ibm.com/support/docview.wss?rs=475&uid=swg21285600
cve@mitre.org	http://www.securityfocus.com/archive/1/484272/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/26604
cve@mitre.org	http://www.securitytracker.com/id?1019096
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4012
cve@mitre.org	http://www.vupen.com/english/advisories/2007/4020
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/38645
af854a3a-2127-422b-91ae-364da2661108	http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058680.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27835	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27836	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27849	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/3499
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019002
af854a3a-2127-422b-91ae-364da2661108	http://www.coresecurity.com/index.php5?action=item&id=2008
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?rs=475&uid=swg21285600
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/484272/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26604
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019096
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4012
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4020
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/38645

Impacted products

Vendor	Product	Version
ibm	lotus_notes	5.0
ibm	lotus_notes	6.0
ibm	lotus_notes	6.5
ibm	lotus_notes	7.0
ibm	lotus_notes	8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D5D749-546A-4655-A0BF-0A2D4E9F51A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E234AD1-7202-421E-82C8-880E84876021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1360A50E-C1E1-4690-874A-04CC7C1A77CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "68AEB13D-C7C6-426F-8484-85EFF7245DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basado en pila en l123sr.dll de Autonomy (anteriormente Verity) KeyView SDK, usado por IBM Lotus Notes 5.x hasta 8.x, permiten a atacantes remotos con la intervenci\u00f3n del usuario ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de los campos (1) Length y  (2) Value para determinados tipos (Types en un archivo Lotus 1-2-3 (.123) en el formato Worksheet File (WKS), como se ha demostrado mediante un archivo con un registro SRANGE manipulado, una vulnerabilidad diferente de CVE-2007-5909."
    }
  ],
  "id": "CVE-2007-6593",
  "lastModified": "2024-11-21T00:40:31.327",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 8.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 9.2,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-12-28T21:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058680.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27835"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27836"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27849"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/3499"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019002"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.coresecurity.com/index.php5?action=item\u0026id=2008"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ibm.com/support/docview.wss?rs=475\u0026uid=swg21285600"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/484272/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/26604"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1019096"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/4012"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/4020"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38645"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058680.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27835"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27849"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/3499"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.coresecurity.com/index.php5?action=item\u0026id=2008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ibm.com/support/docview.wss?rs=475\u0026uid=swg21285600"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/484272/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/26604"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019096"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4020"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38645"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2007-4309

Vulnerability from cvelistv5

Published

2007-08-13 21:00

Modified

2024-09-16 17:59

Severity ?

Summary

IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696.

References

▼	URL	Tags
	http://securitytracker.com/id?1018433	vdb-entry, x_refsource_SECTRACK
	http://www.heise-security.co.uk/news/92958	x_refsource_MISC
	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:53:55.356Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1018433",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018433"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.heise-security.co.uk/news/92958"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21266085"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-08-13T21:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1018433",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018433"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.heise-security.co.uk/news/92958"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21266085"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4309",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1018433",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018433"
            },
            {
              "name": "http://www.heise-security.co.uk/news/92958",
              "refsource": "MISC",
              "url": "http://www.heise-security.co.uk/news/92958"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21266085",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21266085"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4309",
    "datePublished": "2007-08-13T21:00:00Z",
    "dateReserved": "2007-08-13T00:00:00Z",
    "dateUpdated": "2024-09-16T17:59:14.305Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-2174

Vulnerability from cvelistv5

Published

2012-06-20 10:00

Modified

2024-08-06 19:26

Severity ?

Summary

The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a crafted notes:// URL.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg21598348	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/75320	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:26:08.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21598348"
          },
          {
            "name": "lotusnotes-notes-command-execution(75320)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75320"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-06-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a crafted notes:// URL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21598348"
        },
        {
          "name": "lotusnotes-notes-command-execution(75320)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75320"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-2174",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a crafted notes:// URL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21598348",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21598348"
            },
            {
              "name": "lotusnotes-notes-command-execution(75320)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75320"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-2174",
    "datePublished": "2012-06-20T10:00:00",
    "dateReserved": "2012-04-04T00:00:00",
    "dateUpdated": "2024-08-06T19:26:08.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6594

Vulnerability from cvelistv5

Published

2007-12-28 21:00

Modified

2024-08-07 16:11

Severity ?

Summary

IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file.

References

▼	URL	Tags
	http://osvdb.org/40933	vdb-entry, x_refsource_OSVDB
	http://www.vupen.com/english/advisories/2007/4037	vdb-entry, x_refsource_VUPEN
	http://securitytracker.com/id?1019009	vdb-entry, x_refsource_SECTRACK
	http://osvdb.org/40934	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/27860	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg21289273	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:11:06.088Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "40933",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/40933"
          },
          {
            "name": "ADV-2007-4037",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4037"
          },
          {
            "name": "1019009",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019009"
          },
          {
            "name": "40934",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/40934"
          },
          {
            "name": "27860",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27860"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21289273"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-15T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "40933",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/40933"
        },
        {
          "name": "ADV-2007-4037",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4037"
        },
        {
          "name": "1019009",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019009"
        },
        {
          "name": "40934",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/40934"
        },
        {
          "name": "27860",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27860"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21289273"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6594",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "40933",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/40933"
            },
            {
              "name": "ADV-2007-4037",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4037"
            },
            {
              "name": "1019009",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019009"
            },
            {
              "name": "40934",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/40934"
            },
            {
              "name": "27860",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27860"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21289273",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21289273"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6594",
    "datePublished": "2007-12-28T21:00:00",
    "dateReserved": "2007-12-28T00:00:00",
    "dateUpdated": "2024-08-07T16:11:06.088Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-0121

Vulnerability from cvelistv5

Published

2006-01-09 11:00

Modified

2024-08-07 16:25

Severity ?

Summary

Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the SSL handshake (SPR# MKIN693QUT), and possibly other vectors. NOTE: due to insufficient information in the original vendor advisory, it is not clear whether there is an attacker role in other memory leaks that are specified in the advisory.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg27007054	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/16158	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/18328	third-party-advisory, x_refsource_SECUNIA
	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/2221243535d88a2b8525701b00420cd6?OpenDocument&Highlight=0%2CMKIN693QUT	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24223	vdb-entry, x_refsource_XF
	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/20f66e356a76c90f8525702a00420e08?OpenDocument&Highlight=0%2CMKIN67MQVW	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2006/0081	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:25:33.450Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
          },
          {
            "name": "16158",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16158"
          },
          {
            "name": "18328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/2221243535d88a2b8525701b00420cd6?OpenDocument\u0026Highlight=0%2CMKIN693QUT"
          },
          {
            "name": "lotus-ssl-handshake-dos(24223)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24223"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/20f66e356a76c90f8525702a00420e08?OpenDocument\u0026Highlight=0%2CMKIN67MQVW"
          },
          {
            "name": "ADV-2006-0081",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0081"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the SSL handshake (SPR# MKIN693QUT), and possibly other vectors. NOTE: due to insufficient information in the original vendor advisory, it is not clear whether there is an attacker role in other memory leaks that are specified in the advisory."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
        },
        {
          "name": "16158",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16158"
        },
        {
          "name": "18328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/2221243535d88a2b8525701b00420cd6?OpenDocument\u0026Highlight=0%2CMKIN693QUT"
        },
        {
          "name": "lotus-ssl-handshake-dos(24223)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24223"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/20f66e356a76c90f8525702a00420e08?OpenDocument\u0026Highlight=0%2CMKIN67MQVW"
        },
        {
          "name": "ADV-2006-0081",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0081"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0121",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the SSL handshake (SPR# MKIN693QUT), and possibly other vectors. NOTE: due to insufficient information in the original vendor advisory, it is not clear whether there is an attacker role in other memory leaks that are specified in the advisory."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
            },
            {
              "name": "16158",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16158"
            },
            {
              "name": "18328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18328"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/2221243535d88a2b8525701b00420cd6?OpenDocument\u0026Highlight=0,MKIN693QUT",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/2221243535d88a2b8525701b00420cd6?OpenDocument\u0026Highlight=0,MKIN693QUT"
            },
            {
              "name": "lotus-ssl-handshake-dos(24223)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24223"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/20f66e356a76c90f8525702a00420e08?OpenDocument\u0026Highlight=0,MKIN67MQVW",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/20f66e356a76c90f8525702a00420e08?OpenDocument\u0026Highlight=0,MKIN67MQVW"
            },
            {
              "name": "ADV-2006-0081",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0081"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0121",
    "datePublished": "2006-01-09T11:00:00",
    "dateReserved": "2006-01-09T00:00:00",
    "dateUpdated": "2024-08-07T16:25:33.450Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-1424

Vulnerability from cvelistv5

Published

2011-05-24 23:00

Modified

2024-08-06 22:28

Severity ?

Summary

The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing.

References

▼	URL	Tags
	http://securityreason.com/securityalert/8258	third-party-advisory, x_refsource_SREASON
	http://www.securityfocus.com/archive/1/518003/100/0/threaded	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:28:41.300Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "8258",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8258"
          },
          {
            "name": "20110513 ESA-2011-016: EMC SourceOne ASP.NET application tracing information disclosure vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/518003/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The default configuration of ExShortcut\\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "name": "8258",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8258"
        },
        {
          "name": "20110513 ESA-2011-016: EMC SourceOne ASP.NET application tracing information disclosure vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/518003/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security_alert@emc.com",
          "ID": "CVE-2011-1424",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The default configuration of ExShortcut\\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "8258",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8258"
            },
            {
              "name": "20110513 ESA-2011-016: EMC SourceOne ASP.NET application tracing information disclosure vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/518003/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2011-1424",
    "datePublished": "2011-05-24T23:00:00",
    "dateReserved": "2011-03-14T00:00:00",
    "dateUpdated": "2024-08-06T22:28:41.300Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-3086

Vulnerability from cvelistv5

Published

2014-08-12 00:00

Modified

2024-08-06 10:35

Severity ?

Summary

Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21680333	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/69183	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/61577	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/59680	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/94097	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV62634	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21686383	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21680334	x_refsource_CONFIRM
	http://secunia.com/advisories/60622	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/60081	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/61640	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21686824	x_refsource_CONFIRM
	http://secunia.com/advisories/60317	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:35:55.957Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680333"
          },
          {
            "name": "69183",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/69183"
          },
          {
            "name": "61577",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61577"
          },
          {
            "name": "59680",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59680"
          },
          {
            "name": "ibm-java-cve20143086-code-exec(94097)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94097"
          },
          {
            "name": "IV62634",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV62634"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
          },
          {
            "name": "60622",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60622"
          },
          {
            "name": "60081",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60081"
          },
          {
            "name": "61640",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61640"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
          },
          {
            "name": "60317",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60317"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-07-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680333"
        },
        {
          "name": "69183",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/69183"
        },
        {
          "name": "61577",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61577"
        },
        {
          "name": "59680",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59680"
        },
        {
          "name": "ibm-java-cve20143086-code-exec(94097)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94097"
        },
        {
          "name": "IV62634",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV62634"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
        },
        {
          "name": "60622",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60622"
        },
        {
          "name": "60081",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60081"
        },
        {
          "name": "61640",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61640"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
        },
        {
          "name": "60317",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60317"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-3086",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service Refresh 7 FP1 and other products, allows remote attackers to gain privileges by leveraging the ability to execute code in the context of a security manager."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680333",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680333"
            },
            {
              "name": "69183",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/69183"
            },
            {
              "name": "61577",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61577"
            },
            {
              "name": "59680",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59680"
            },
            {
              "name": "ibm-java-cve20143086-code-exec(94097)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94097"
            },
            {
              "name": "IV62634",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV62634"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334"
            },
            {
              "name": "60622",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60622"
            },
            {
              "name": "60081",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60081"
            },
            {
              "name": "61640",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/61640"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824"
            },
            {
              "name": "60317",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60317"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-3086",
    "datePublished": "2014-08-12T00:00:00",
    "dateReserved": "2014-04-29T00:00:00",
    "dateUpdated": "2024-08-06T10:35:55.957Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-1216

Vulnerability from cvelistv5

Published

2011-05-31 20:00

Modified

2024-08-06 22:21

Severity ?

Summary

Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg21500034	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/47962	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/44624	third-party-advisory, x_refsource_SECUNIA
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907	third-party-advisory, x_refsource_IDEFENSE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/67623	vdb-entry, x_refsource_XF
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796	vdb-entry, signature, x_refsource_OVAL

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:21:33.651Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
          },
          {
            "name": "47962",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47962"
          },
          {
            "name": "44624",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44624"
          },
          {
            "name": "20110524 IBM Lotus Notes Applix Attachment Viewer Stack Buffer Overflow",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907"
          },
          {
            "name": "lotus-notes-assr-bo(67623)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67623"
          },
          {
            "name": "oval:org.mitre.oval:def:13796",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
        },
        {
          "name": "47962",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47962"
        },
        {
          "name": "44624",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44624"
        },
        {
          "name": "20110524 IBM Lotus Notes Applix Attachment Viewer Stack Buffer Overflow",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907"
        },
        {
          "name": "lotus-notes-assr-bo(67623)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67623"
        },
        {
          "name": "oval:org.mitre.oval:def:13796",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1216",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21500034",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
            },
            {
              "name": "47962",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47962"
            },
            {
              "name": "44624",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44624"
            },
            {
              "name": "20110524 IBM Lotus Notes Applix Attachment Viewer Stack Buffer Overflow",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907"
            },
            {
              "name": "lotus-notes-assr-bo(67623)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67623"
            },
            {
              "name": "oval:org.mitre.oval:def:13796",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1216",
    "datePublished": "2011-05-31T20:00:00",
    "dateReserved": "2011-03-03T00:00:00",
    "dateUpdated": "2024-08-06T22:21:33.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-1504

Vulnerability from cvelistv5

Published

2005-06-21 04:00

Modified

2024-08-08 04:58

Severity ?

Summary

Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/3458	vdb-entry, x_refsource_BID
	http://www.securityfocus.com/archive/1/221986	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/222212	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/7323	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:58:11.385Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "3458",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3458"
          },
          {
            "name": "20011022 Security BugWare Advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/221986"
          },
          {
            "name": "20011023 Re: Security BugWare Advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/222212"
          },
          {
            "name": "lotus-notes-execute-objects(7323)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7323"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-10-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "3458",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3458"
        },
        {
          "name": "20011022 Security BugWare Advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/221986"
        },
        {
          "name": "20011023 Re: Security BugWare Advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/222212"
        },
        {
          "name": "lotus-notes-execute-objects(7323)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7323"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1504",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "3458",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3458"
            },
            {
              "name": "20011022 Security BugWare Advisory",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/221986"
            },
            {
              "name": "20011023 Re: Security BugWare Advisory",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/222212"
            },
            {
              "name": "lotus-notes-execute-objects(7323)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7323"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1504",
    "datePublished": "2005-06-21T04:00:00",
    "dateReserved": "2005-06-21T00:00:00",
    "dateUpdated": "2024-08-08T04:58:11.385Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4823

Vulnerability from cvelistv5

Published

2013-01-11 00:00

Modified

2024-08-06 20:50

Severity ?

Summary

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to "insecure use of the java.lang.ClassLoder defineClass() method."

References

▼	URL	Tags
	http://rhn.redhat.com/errata/RHSA-2012-1466.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2012/Sep/38	mailing-list, x_refsource_BUGTRAQ
	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/55495	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	x_refsource_CONFIRM
	http://secunia.com/advisories/51327	third-party-advisory, x_refsource_SECUNIA
	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/78767	vdb-entry, x_refsource_XF
	http://rhn.redhat.com/errata/RHSA-2012-1467.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	x_refsource_CONFIRM
	http://secunia.com/advisories/51634	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/51326	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:50:17.295Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2012:1466",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
          },
          {
            "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2012/Sep/38"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "IV29687",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
          },
          {
            "name": "55495",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55495"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
          },
          {
            "name": "51327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51327"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
          },
          {
            "name": "ibm-java-defineclass-code-execution(78767)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
          },
          {
            "name": "RHSA-2012:1467",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
          },
          {
            "name": "51634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51634"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "51326",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51326"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to \"insecure use of the java.lang.ClassLoder defineClass() method.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "RHSA-2012:1466",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
        },
        {
          "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2012/Sep/38"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "IV29687",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
        },
        {
          "name": "55495",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55495"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
        },
        {
          "name": "51327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51327"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
        },
        {
          "name": "ibm-java-defineclass-code-execution(78767)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
        },
        {
          "name": "RHSA-2012:1467",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
        },
        {
          "name": "51634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51634"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "51326",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51326"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-4823",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to \"insecure use of the java.lang.ClassLoder defineClass() method.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2012:1466",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
            },
            {
              "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
              "refsource": "BUGTRAQ",
              "url": "http://seclists.org/bugtraq/2012/Sep/38"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "IV29687",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
            },
            {
              "name": "55495",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/55495"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
            },
            {
              "name": "51327",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51327"
            },
            {
              "name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
              "refsource": "CONFIRM",
              "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
            },
            {
              "name": "ibm-java-defineclass-code-execution(78767)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
            },
            {
              "name": "RHSA-2012:1467",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
            },
            {
              "name": "51634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51634"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "51326",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51326"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-4823",
    "datePublished": "2013-01-11T00:00:00",
    "dateReserved": "2012-09-06T00:00:00",
    "dateUpdated": "2024-08-06T20:50:17.295Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-0066

Vulnerability from cvelistv5

Published

2008-04-10 18:00

Modified

2024-08-07 07:32

Severity ?

Summary

Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element.

References

▼	URL	Tags
	http://secunia.com/advisories/28140	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28209	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1019843	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2008/1156	vdb-entry, x_refsource_VUPEN
	http://secunia.com/secunia_research/2008-3/advisory/	x_refsource_MISC
	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/28454	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/28210	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/490828/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2008/1153	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/41724	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:32:24.011Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28140",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28140"
          },
          {
            "name": "28209",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28209"
          },
          {
            "name": "1019843",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019843"
          },
          {
            "name": "ADV-2008-1156",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1156"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2008-3/advisory/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
          },
          {
            "name": "28454",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28454"
          },
          {
            "name": "28210",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28210"
          },
          {
            "name": "20080414 Secunia Research: Lotus Notes htmsr.dll Buffer Overflows",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490828/100/0/threaded"
          },
          {
            "name": "ADV-2008-1153",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1153"
          },
          {
            "name": "autonomy-keyview-html-multiple-bo(41724)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41724"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) \"large chunks of data,\" or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "28140",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28140"
        },
        {
          "name": "28209",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28209"
        },
        {
          "name": "1019843",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019843"
        },
        {
          "name": "ADV-2008-1156",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1156"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2008-3/advisory/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
        },
        {
          "name": "28454",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28454"
        },
        {
          "name": "28210",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28210"
        },
        {
          "name": "20080414 Secunia Research: Lotus Notes htmsr.dll Buffer Overflows",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490828/100/0/threaded"
        },
        {
          "name": "ADV-2008-1153",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1153"
        },
        {
          "name": "autonomy-keyview-html-multiple-bo(41724)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41724"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2008-0066",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) \"large chunks of data,\" or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "28140",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28140"
            },
            {
              "name": "28209",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28209"
            },
            {
              "name": "1019843",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019843"
            },
            {
              "name": "ADV-2008-1156",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1156"
            },
            {
              "name": "http://secunia.com/secunia_research/2008-3/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2008-3/advisory/"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
            },
            {
              "name": "28454",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28454"
            },
            {
              "name": "28210",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28210"
            },
            {
              "name": "20080414 Secunia Research: Lotus Notes htmsr.dll Buffer Overflows",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490828/100/0/threaded"
            },
            {
              "name": "ADV-2008-1153",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1153"
            },
            {
              "name": "autonomy-keyview-html-multiple-bo(41724)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41724"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2008-0066",
    "datePublished": "2008-04-10T18:00:00",
    "dateReserved": "2008-01-03T00:00:00",
    "dateUpdated": "2024-08-07T07:32:24.011Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-1999-0429

Vulnerability from cvelistv5

Published

2000-10-13 04:00

Modified

2024-08-01 16:41

Severity ?

Summary

The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference.

References

▼	URL	Tags
	http://marc.info/?l=bugtraq&m=92246997917866&w=2	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=92221437025743&w=2	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=92249282302994&w=2	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=92241547418689&w=2	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T16:41:44.230Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "19990326 Lotus Notes Encryption Bug",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=92246997917866\u0026w=2"
          },
          {
            "name": "19990323",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=92221437025743\u0026w=2"
          },
          {
            "name": "19990326 Re: Lotus Notes security advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=92249282302994\u0026w=2"
          },
          {
            "name": "19990324 Re: LNotes encryption",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=92241547418689\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the \"Encrypt Saved Mail\" preference."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-11-02T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "19990326 Lotus Notes Encryption Bug",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=92246997917866\u0026w=2"
        },
        {
          "name": "19990323",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=92221437025743\u0026w=2"
        },
        {
          "name": "19990326 Re: Lotus Notes security advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=92249282302994\u0026w=2"
        },
        {
          "name": "19990324 Re: LNotes encryption",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=92241547418689\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-1999-0429",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the \"Encrypt Saved Mail\" preference."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "19990326 Lotus Notes Encryption Bug",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=92246997917866\u0026w=2"
            },
            {
              "name": "19990323",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=92221437025743\u0026w=2"
            },
            {
              "name": "19990326 Re: Lotus Notes security advisory",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=92249282302994\u0026w=2"
            },
            {
              "name": "19990324 Re: LNotes encryption",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=92241547418689\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-1999-0429",
    "datePublished": "2000-10-13T04:00:00",
    "dateReserved": "1999-06-07T00:00:00",
    "dateUpdated": "2024-08-01T16:41:44.230Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-3037

Vulnerability from cvelistv5

Published

2009-09-01 16:00

Modified

2024-08-07 06:14

Severity ?

Summary

Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.

References

▼	URL	Tags
	http://www.vupen.com/english/advisories/2009/2389	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/36042	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/36472	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/36474	third-party-advisory, x_refsource_SECUNIA
	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090825_00	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21396492	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/36124	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:14:55.464Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2009-2389",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2389"
          },
          {
            "name": "36042",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36042"
          },
          {
            "name": "36472",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36472"
          },
          {
            "name": "36474",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36474"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
          },
          {
            "name": "36124",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36124"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-08-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-02-07T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2009-2389",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2389"
        },
        {
          "name": "36042",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36042"
        },
        {
          "name": "36472",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36472"
        },
        {
          "name": "36474",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36474"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
        },
        {
          "name": "36124",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36124"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3037",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2009-2389",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2389"
            },
            {
              "name": "36042",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36042"
            },
            {
              "name": "36472",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36472"
            },
            {
              "name": "36474",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36474"
            },
            {
              "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090825_00"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21396492"
            },
            {
              "name": "36124",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36124"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3037",
    "datePublished": "2009-09-01T16:00:00",
    "dateReserved": "2009-09-01T00:00:00",
    "dateUpdated": "2024-08-07T06:14:55.464Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0522

Vulnerability from cvelistv5

Published

2018-07-16 14:00

Modified

2024-08-06 14:33

Severity ?

Summary

The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531.

References

▼	URL	Tags
	https://www-01.ibm.com/support/docview.wss?uid=swg21634508	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/82531	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:03.513Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21634508"
          },
          {
            "name": "ibm-notes-password-retrieval(82531)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82531"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-04-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-16T13:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21634508"
        },
        {
          "name": "ibm-notes-password-retrieval(82531)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82531"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-0522",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www-01.ibm.com/support/docview.wss?uid=swg21634508",
              "refsource": "CONFIRM",
              "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21634508"
            },
            {
              "name": "ibm-notes-password-retrieval(82531)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82531"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-0522",
    "datePublished": "2018-07-16T14:00:00",
    "dateReserved": "2012-12-16T00:00:00",
    "dateUpdated": "2024-08-06T14:33:03.513Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-1608

Vulnerability from cvelistv5

Published

2010-04-29 17:00

Modified

2024-08-07 01:28

Severity ?

Summary

Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and possibly other versions, allows remote attackers to execute arbitrary code via unknown attack vectors, as demonstrated by the vd_ln module in VulnDisco 9.0. NOTE: as of 20100222, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

References

▼	URL	Tags
	http://secunia.com/advisories/38622	third-party-advisory, x_refsource_SECUNIA
	https://forum.immunityinc.com/board/thread/1161/vulndisco-9-0/	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilities/58322	vdb-entry, x_refsource_XF
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14489	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/bid/38300	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:28:43.078Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38622",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38622"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://forum.immunityinc.com/board/thread/1161/vulndisco-9-0/"
          },
          {
            "name": "lotusnotes-unspec-bo(58322)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58322"
          },
          {
            "name": "oval:org.mitre.oval:def:14489",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14489"
          },
          {
            "name": "38300",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38300"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and possibly other versions, allows remote attackers to execute arbitrary code via unknown attack vectors, as demonstrated by the vd_ln module in VulnDisco 9.0.  NOTE: as of 20100222, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "38622",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38622"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://forum.immunityinc.com/board/thread/1161/vulndisco-9-0/"
        },
        {
          "name": "lotusnotes-unspec-bo(58322)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58322"
        },
        {
          "name": "oval:org.mitre.oval:def:14489",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14489"
        },
        {
          "name": "38300",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38300"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-1608",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and possibly other versions, allows remote attackers to execute arbitrary code via unknown attack vectors, as demonstrated by the vd_ln module in VulnDisco 9.0.  NOTE: as of 20100222, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "38622",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38622"
            },
            {
              "name": "https://forum.immunityinc.com/board/thread/1161/vulndisco-9-0/",
              "refsource": "MISC",
              "url": "https://forum.immunityinc.com/board/thread/1161/vulndisco-9-0/"
            },
            {
              "name": "lotusnotes-unspec-bo(58322)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58322"
            },
            {
              "name": "oval:org.mitre.oval:def:14489",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14489"
            },
            {
              "name": "38300",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38300"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-1608",
    "datePublished": "2010-04-29T17:00:00",
    "dateReserved": "2010-04-29T00:00:00",
    "dateUpdated": "2024-08-07T01:28:43.078Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-1442

Vulnerability from cvelistv5

Published

2005-05-03 04:00

Modified

2024-08-07 21:51

Severity ?

Summary

Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/13447	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202526	x_refsource_CONFIRM
	http://www.osvdb.org/15367	vdb-entry, x_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilities/20044	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/1013841	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:51:50.096Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "13447",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13447"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202526"
          },
          {
            "name": "15367",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/15367"
          },
          {
            "name": "lotus-notesini-bo(20044)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20044"
          },
          {
            "name": "1013841",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/1013841"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-04-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "13447",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13447"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202526"
        },
        {
          "name": "15367",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/15367"
        },
        {
          "name": "lotus-notesini-bo(20044)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20044"
        },
        {
          "name": "1013841",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/1013841"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1442",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the NOTES.INI file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "13447",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13447"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202526",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202526"
            },
            {
              "name": "15367",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/15367"
            },
            {
              "name": "lotus-notesini-bo(20044)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20044"
            },
            {
              "name": "1013841",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/1013841"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1442",
    "datePublished": "2005-05-03T04:00:00",
    "dateReserved": "2005-05-03T00:00:00",
    "dateUpdated": "2024-08-07T21:51:50.096Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-2696

Vulnerability from cvelistv5

Published

2005-08-25 04:00

Modified

2024-08-07 22:45

Severity ?

Summary

IBM Lotus Notes does not properly restrict access to password hashes in the Notes Address Book (NAB), which allows remote attackers to obtain sensitive information via the (1) password digest field in the Administration tab of a Lotus Notes client, (2) "PasswordDigest" and "HTTPPassword" fields in the document properties in the NAB, or (3) a direct query to the Domino LDAP server, a different vulnerability than CVE-2005-2428.

References

▼	URL	Tags
	http://marc.info/?l=bugtraq&m=112456040418543&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.venera.com/downloads/Lotus_password_disclosures.pdf	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:45:02.021Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20050820 IBM Lotus Notes multiple disclosures of password hashes",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=112456040418543\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.venera.com/downloads/Lotus_password_disclosures.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-08-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus Notes does not properly restrict access to password hashes in the Notes Address Book (NAB), which allows remote attackers to obtain sensitive information via the (1) password digest field in the Administration tab of a Lotus Notes client, (2) \"PasswordDigest\" and \"HTTPPassword\" fields in the document properties in the NAB, or (3) a direct query to the Domino LDAP server, a different vulnerability than CVE-2005-2428."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20050820 IBM Lotus Notes multiple disclosures of password hashes",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=112456040418543\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.venera.com/downloads/Lotus_password_disclosures.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-2696",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus Notes does not properly restrict access to password hashes in the Notes Address Book (NAB), which allows remote attackers to obtain sensitive information via the (1) password digest field in the Administration tab of a Lotus Notes client, (2) \"PasswordDigest\" and \"HTTPPassword\" fields in the document properties in the NAB, or (3) a direct query to the Domino LDAP server, a different vulnerability than CVE-2005-2428."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20050820 IBM Lotus Notes multiple disclosures of password hashes",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=112456040418543\u0026w=2"
            },
            {
              "name": "http://www.venera.com/downloads/Lotus_password_disclosures.pdf",
              "refsource": "MISC",
              "url": "http://www.venera.com/downloads/Lotus_password_disclosures.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-2696",
    "datePublished": "2005-08-25T04:00:00",
    "dateReserved": "2005-08-25T00:00:00",
    "dateUpdated": "2024-08-07T22:45:02.021Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-2618

Vulnerability from cvelistv5

Published

2006-02-15 00:00

Modified

2024-08-07 22:30

Severity ?

Summary

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll).

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24635	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918	x_refsource_CONFIRM
	http://secunia.com/secunia_research/2005-34/advisory/	x_refsource_MISC
	http://www.osvdb.org/23067	vdb-entry, x_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24636	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2006/0500	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2006/0501	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/archive/1/424626/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.osvdb.org/23064	vdb-entry, x_refsource_OSVDB
	http://www.osvdb.org/23066	vdb-entry, x_refsource_OSVDB
	http://securitytracker.com/id?1015657	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/secunia_research/2005-36/advisory/	x_refsource_MISC
	http://www.osvdb.org/23065	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/bid/16576	vdb-entry, x_refsource_BID
	http://www.securityfocus.com/archive/1/424689/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/16100	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24639	vdb-entry, x_refsource_XF
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24638	vdb-entry, x_refsource_XF
	http://secunia.com/secunia_research/2005-32/advisory/	x_refsource_MISC
	http://www.kb.cert.org/vuls/id/884076	third-party-advisory, x_refsource_CERT-VN
	http://secunia.com/secunia_research/2005-66/advisory/	x_refsource_MISC
	http://www.securityfocus.com/archive/1/424692/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/16280	third-party-advisory, x_refsource_SECUNIA
	http://www.osvdb.org/23068	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/archive/1/424666/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/secunia_research/2005-37/advisory/	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:30:02.167Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "lotus-kvarcve-filename-bo(24635)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24635"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2005-34/advisory/"
          },
          {
            "name": "23067",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/23067"
          },
          {
            "name": "lotus-uudrdr-uue-bo(24636)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24636"
          },
          {
            "name": "ADV-2006-0500",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0500"
          },
          {
            "name": "ADV-2006-0501",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0501"
          },
          {
            "name": "20060210 Secunia Research: Lotus Notes ZIP File Handling Buffer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/424626/100/0/threaded"
          },
          {
            "name": "23064",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/23064"
          },
          {
            "name": "23066",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/23066"
          },
          {
            "name": "1015657",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015657"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2005-36/advisory/"
          },
          {
            "name": "23065",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/23065"
          },
          {
            "name": "16576",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16576"
          },
          {
            "name": "20060210 Secunia Research: Lotus Notes UUE File Handling Buffer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/424689/100/0/threaded"
          },
          {
            "name": "16100",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16100"
          },
          {
            "name": "lotus-htmsr-link-bo(24639)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24639"
          },
          {
            "name": "lotus-tarrdr-filename-bo(24638)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24638"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2005-32/advisory/"
          },
          {
            "name": "VU#884076",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/884076"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2005-66/advisory/"
          },
          {
            "name": "20060210 Secunia Research: Lotus Notes HTML Speed Reader Link BufferOverflows",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/424692/100/0/threaded"
          },
          {
            "name": "16280",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16280"
          },
          {
            "name": "23068",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/23068"
          },
          {
            "name": "20060210 Secunia Research: Lotus Notes TAR Reader File Extraction BufferOverflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/424666/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2005-37/advisory/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "lotus-kvarcve-filename-bo(24635)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24635"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2005-34/advisory/"
        },
        {
          "name": "23067",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/23067"
        },
        {
          "name": "lotus-uudrdr-uue-bo(24636)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24636"
        },
        {
          "name": "ADV-2006-0500",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0500"
        },
        {
          "name": "ADV-2006-0501",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0501"
        },
        {
          "name": "20060210 Secunia Research: Lotus Notes ZIP File Handling Buffer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/424626/100/0/threaded"
        },
        {
          "name": "23064",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/23064"
        },
        {
          "name": "23066",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/23066"
        },
        {
          "name": "1015657",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015657"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2005-36/advisory/"
        },
        {
          "name": "23065",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/23065"
        },
        {
          "name": "16576",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16576"
        },
        {
          "name": "20060210 Secunia Research: Lotus Notes UUE File Handling Buffer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/424689/100/0/threaded"
        },
        {
          "name": "16100",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16100"
        },
        {
          "name": "lotus-htmsr-link-bo(24639)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24639"
        },
        {
          "name": "lotus-tarrdr-filename-bo(24638)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24638"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2005-32/advisory/"
        },
        {
          "name": "VU#884076",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/884076"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2005-66/advisory/"
        },
        {
          "name": "20060210 Secunia Research: Lotus Notes HTML Speed Reader Link BufferOverflows",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/424692/100/0/threaded"
        },
        {
          "name": "16280",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16280"
        },
        {
          "name": "23068",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/23068"
        },
        {
          "name": "20060210 Secunia Research: Lotus Notes TAR Reader File Extraction BufferOverflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/424666/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2005-37/advisory/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-2618",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "lotus-kvarcve-filename-bo(24635)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24635"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918"
            },
            {
              "name": "http://secunia.com/secunia_research/2005-34/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2005-34/advisory/"
            },
            {
              "name": "23067",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/23067"
            },
            {
              "name": "lotus-uudrdr-uue-bo(24636)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24636"
            },
            {
              "name": "ADV-2006-0500",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0500"
            },
            {
              "name": "ADV-2006-0501",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0501"
            },
            {
              "name": "20060210 Secunia Research: Lotus Notes ZIP File Handling Buffer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/424626/100/0/threaded"
            },
            {
              "name": "23064",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/23064"
            },
            {
              "name": "23066",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/23066"
            },
            {
              "name": "1015657",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015657"
            },
            {
              "name": "http://secunia.com/secunia_research/2005-36/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2005-36/advisory/"
            },
            {
              "name": "23065",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/23065"
            },
            {
              "name": "16576",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16576"
            },
            {
              "name": "20060210 Secunia Research: Lotus Notes UUE File Handling Buffer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/424689/100/0/threaded"
            },
            {
              "name": "16100",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/16100"
            },
            {
              "name": "lotus-htmsr-link-bo(24639)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24639"
            },
            {
              "name": "lotus-tarrdr-filename-bo(24638)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24638"
            },
            {
              "name": "http://secunia.com/secunia_research/2005-32/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2005-32/advisory/"
            },
            {
              "name": "VU#884076",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/884076"
            },
            {
              "name": "http://secunia.com/secunia_research/2005-66/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2005-66/advisory/"
            },
            {
              "name": "20060210 Secunia Research: Lotus Notes HTML Speed Reader Link BufferOverflows",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/424692/100/0/threaded"
            },
            {
              "name": "16280",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/16280"
            },
            {
              "name": "23068",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/23068"
            },
            {
              "name": "20060210 Secunia Research: Lotus Notes TAR Reader File Extraction BufferOverflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/424666/100/0/threaded"
            },
            {
              "name": "http://secunia.com/secunia_research/2005-37/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2005-37/advisory/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-2618",
    "datePublished": "2006-02-15T00:00:00",
    "dateReserved": "2005-08-17T00:00:00",
    "dateUpdated": "2024-08-07T22:30:02.167Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-5835

Vulnerability from cvelistv5

Published

2006-11-10 01:00

Modified

2024-08-07 20:04

Severity ?

Summary

The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file.

References

▼	URL	Tags
	http://securitytracker.com/id?1017203	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/20960	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21248026	x_refsource_CONFIRM
	http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilities/30118	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/22741	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/4411	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:04:55.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1017203",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017203"
          },
          {
            "name": "20960",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20960"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21248026"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf"
          },
          {
            "name": "lotusnotes-nrpc-information-disclosure(30118)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30118"
          },
          {
            "name": "22741",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22741"
          },
          {
            "name": "ADV-2006-4411",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4411"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-11-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1017203",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017203"
        },
        {
          "name": "20960",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20960"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21248026"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf"
        },
        {
          "name": "lotusnotes-nrpc-information-disclosure(30118)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30118"
        },
        {
          "name": "22741",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22741"
        },
        {
          "name": "ADV-2006-4411",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4411"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5835",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1017203",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017203"
            },
            {
              "name": "20960",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20960"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21248026",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21248026"
            },
            {
              "name": "http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf",
              "refsource": "MISC",
              "url": "http://www.fortconsult.net/images/pdf/lotusnotes_keyfiles.pdf"
            },
            {
              "name": "lotusnotes-nrpc-information-disclosure(30118)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30118"
            },
            {
              "name": "22741",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22741"
            },
            {
              "name": "ADV-2006-4411",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4411"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-5835",
    "datePublished": "2006-11-10T01:00:00",
    "dateReserved": "2006-11-09T00:00:00",
    "dateUpdated": "2024-08-07T20:04:55.605Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4822

Vulnerability from cvelistv5

Published

2013-01-11 00:00

Modified

2024-08-06 20:50

Severity ?

Summary

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.class class."

References

▼	URL	Tags
	http://rhn.redhat.com/errata/RHSA-2012-1466.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2012/Sep/38	mailing-list, x_refsource_BUGTRAQ
	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/55495	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/78766	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	x_refsource_CONFIRM
	http://secunia.com/advisories/51327	third-party-advisory, x_refsource_SECUNIA
	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2012-1467.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2012-1465.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/51328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	x_refsource_CONFIRM
	http://secunia.com/advisories/51634	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/51393	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/51326	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:50:16.938Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2012:1466",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
          },
          {
            "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2012/Sep/38"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "IV29665",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
          },
          {
            "name": "55495",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55495"
          },
          {
            "name": "ibm-java-jlc-code-execution(78766)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
          },
          {
            "name": "51327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51327"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
          },
          {
            "name": "RHSA-2012:1467",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
          },
          {
            "name": "RHSA-2012:1465",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
          },
          {
            "name": "51328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
          },
          {
            "name": "51634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51634"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "51393",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51393"
          },
          {
            "name": "51326",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51326"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to \"insecure use [of] multiple methods in the java.lang.class class.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "RHSA-2012:1466",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
        },
        {
          "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2012/Sep/38"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "IV29665",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
        },
        {
          "name": "55495",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55495"
        },
        {
          "name": "ibm-java-jlc-code-execution(78766)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
        },
        {
          "name": "51327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51327"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
        },
        {
          "name": "RHSA-2012:1467",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
        },
        {
          "name": "RHSA-2012:1465",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
        },
        {
          "name": "51328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
        },
        {
          "name": "51634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51634"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "51393",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51393"
        },
        {
          "name": "51326",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51326"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-4822",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to \"insecure use [of] multiple methods in the java.lang.class class.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2012:1466",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
            },
            {
              "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
              "refsource": "BUGTRAQ",
              "url": "http://seclists.org/bugtraq/2012/Sep/38"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "IV29665",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
            },
            {
              "name": "55495",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/55495"
            },
            {
              "name": "ibm-java-jlc-code-execution(78766)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
            },
            {
              "name": "51327",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51327"
            },
            {
              "name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
              "refsource": "CONFIRM",
              "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
            },
            {
              "name": "RHSA-2012:1467",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
            },
            {
              "name": "RHSA-2012:1465",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
            },
            {
              "name": "51328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
            },
            {
              "name": "51634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51634"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "51393",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51393"
            },
            {
              "name": "51326",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51326"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-4822",
    "datePublished": "2013-01-11T00:00:00",
    "dateReserved": "2012-09-06T00:00:00",
    "dateUpdated": "2024-08-06T20:50:16.938Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-3114

Vulnerability from cvelistv5

Published

2009-09-09 22:00

Modified

2024-08-07 06:14

Severity ?

Summary

The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K.

References

▼	URL	Tags
	http://www.scip.ch/?vuldb.4021	x_refsource_MISC
	http://www-01.ibm.com/support/docview.wss?uid=swg21403834	x_refsource_CONFIRM
	http://secunia.com/advisories/36813	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/506296/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/36305	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:14:56.061Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.scip.ch/?vuldb.4021"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403834"
          },
          {
            "name": "36813",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36813"
          },
          {
            "name": "20090908 [scip_Advisory 4021] IBM Lotus Notes 8.5 RSS Widget Privilege Escalation",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/506296/100/0/threaded"
          },
          {
            "name": "36305",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36305"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer\u0027s Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.scip.ch/?vuldb.4021"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403834"
        },
        {
          "name": "36813",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36813"
        },
        {
          "name": "20090908 [scip_Advisory 4021] IBM Lotus Notes 8.5 RSS Widget Privilege Escalation",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/506296/100/0/threaded"
        },
        {
          "name": "36305",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36305"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3114",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer\u0027s Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.scip.ch/?vuldb.4021",
              "refsource": "MISC",
              "url": "http://www.scip.ch/?vuldb.4021"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21403834",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403834"
            },
            {
              "name": "36813",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36813"
            },
            {
              "name": "20090908 [scip_Advisory 4021] IBM Lotus Notes 8.5 RSS Widget Privilege Escalation",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/506296/100/0/threaded"
            },
            {
              "name": "36305",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36305"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3114",
    "datePublished": "2009-09-09T22:00:00",
    "dateReserved": "2009-09-09T00:00:00",
    "dateUpdated": "2024-08-07T06:14:56.061Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2002-0370

Vulnerability from cvelistv5

Published

2002-10-05 04:00

Modified

2024-08-08 02:49

Severity ?

Summary

Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0.

References

▼	URL	Tags
	http://www.info.apple.com/usen/security/security_updates.html	x_refsource_CONFIRM
	http://www.info-zip.org/FAQ.html	x_refsource_CONFIRM
	http://www.iss.net/security_center/static/10251.php	vdb-entry, x_refsource_XF
	http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html	mailing-list, x_refsource_VULNWATCH
	http://securityreason.com/securityalert/587	third-party-advisory, x_refsource_SREASON
	http://marc.info/?l=bugtraq&m=103428193409223&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.kb.cert.org/vuls/id/383779	third-party-advisory, x_refsource_CERT-VN
	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054	vendor-advisory, x_refsource_MS
	http://www.securityfocus.com/bid/5873	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:49:28.347Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.info.apple.com/usen/security/security_updates.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.info-zip.org/FAQ.html"
          },
          {
            "name": "win-zip-decompression-bo(10251)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/10251.php"
          },
          {
            "name": "20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html"
          },
          {
            "name": "587",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/587"
          },
          {
            "name": "20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=103428193409223\u0026w=2"
          },
          {
            "name": "VU#383779",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/383779"
          },
          {
            "name": "MS02-054",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054"
          },
          {
            "name": "5873",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/5873"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2002-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.info.apple.com/usen/security/security_updates.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.info-zip.org/FAQ.html"
        },
        {
          "name": "win-zip-decompression-bo(10251)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/10251.php"
        },
        {
          "name": "20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html"
        },
        {
          "name": "587",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/587"
        },
        {
          "name": "20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=103428193409223\u0026w=2"
        },
        {
          "name": "VU#383779",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/383779"
        },
        {
          "name": "MS02-054",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054"
        },
        {
          "name": "5873",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/5873"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-0370",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.info.apple.com/usen/security/security_updates.html",
              "refsource": "CONFIRM",
              "url": "http://www.info.apple.com/usen/security/security_updates.html"
            },
            {
              "name": "http://www.info-zip.org/FAQ.html",
              "refsource": "CONFIRM",
              "url": "http://www.info-zip.org/FAQ.html"
            },
            {
              "name": "win-zip-decompression-bo(10251)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/10251.php"
            },
            {
              "name": "20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html"
            },
            {
              "name": "587",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/587"
            },
            {
              "name": "20021002 R7-0004: Multiple Vendor Long ZIP Entry Filename Processing Issues",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=103428193409223\u0026w=2"
            },
            {
              "name": "VU#383779",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/383779"
            },
            {
              "name": "MS02-054",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054"
            },
            {
              "name": "5873",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/5873"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-0370",
    "datePublished": "2002-10-05T04:00:00",
    "dateReserved": "2002-05-08T00:00:00",
    "dateUpdated": "2024-08-08T02:49:28.347Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-1718

Vulnerability from cvelistv5

Published

2008-04-10 18:00

Modified

2024-08-07 08:32

Severity ?

Summary

Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/41856	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:32:01.185Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "autonomy-mimesr-bo(41856)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41856"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "autonomy-mimesr-bo(41856)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41856"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1718",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "autonomy-mimesr-bo(41856)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41856"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1718",
    "datePublished": "2008-04-10T18:00:00",
    "dateReserved": "2008-04-10T00:00:00",
    "dateUpdated": "2024-08-07T08:32:01.185Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-2977

Vulnerability from cvelistv5

Published

2013-05-10 10:00

Modified

2024-08-06 15:52

Severity ?

Summary

Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21635878	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/83967	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:52:21.676Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635878"
          },
          {
            "name": "ibm-notes-cve20132977-bo(83967)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83967"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-05-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635878"
        },
        {
          "name": "ibm-notes-cve20132977-bo(83967)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83967"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-2977",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21635878",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635878"
            },
            {
              "name": "ibm-notes-cve20132977-bo(83967)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83967"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-2977",
    "datePublished": "2013-05-10T10:00:00",
    "dateReserved": "2013-04-12T00:00:00",
    "dateUpdated": "2024-08-06T15:52:21.676Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6593

Vulnerability from cvelistv5

Published

2007-12-28 21:00

Modified

2024-08-07 16:11

Severity ?

Summary

Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909.

References

▼	URL	Tags
	http://securityreason.com/securityalert/3499	third-party-advisory, x_refsource_SREASON
	http://www.ibm.com/support/docview.wss?rs=475&uid=swg21285600	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/26604	vdb-entry, x_refsource_BID
	http://www.securityfocus.com/archive/1/484272/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.securitytracker.com/id?1019096	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2007/4012	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/27849	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/4020	vdb-entry, x_refsource_VUPEN
	http://securitytracker.com/id?1019002	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/27836	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/27835	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/38645	vdb-entry, x_refsource_XF
	http://www.coresecurity.com/index.php5?action=item&id=2008	x_refsource_MISC
	http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058680.html	mailing-list, x_refsource_FULLDISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:11:06.075Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "3499",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3499"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?rs=475\u0026uid=swg21285600"
          },
          {
            "name": "26604",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26604"
          },
          {
            "name": "20071127 CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/484272/100/0/threaded"
          },
          {
            "name": "1019096",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019096"
          },
          {
            "name": "ADV-2007-4012",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4012"
          },
          {
            "name": "27849",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27849"
          },
          {
            "name": "ADV-2007-4020",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4020"
          },
          {
            "name": "1019002",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019002"
          },
          {
            "name": "27836",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27836"
          },
          {
            "name": "27835",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27835"
          },
          {
            "name": "lotus-123fileviewer-bo(38645)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38645"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.coresecurity.com/index.php5?action=item\u0026id=2008"
          },
          {
            "name": "20071127 CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058680.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "3499",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3499"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?rs=475\u0026uid=swg21285600"
        },
        {
          "name": "26604",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26604"
        },
        {
          "name": "20071127 CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/484272/100/0/threaded"
        },
        {
          "name": "1019096",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019096"
        },
        {
          "name": "ADV-2007-4012",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4012"
        },
        {
          "name": "27849",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27849"
        },
        {
          "name": "ADV-2007-4020",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4020"
        },
        {
          "name": "1019002",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019002"
        },
        {
          "name": "27836",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27836"
        },
        {
          "name": "27835",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27835"
        },
        {
          "name": "lotus-123fileviewer-bo(38645)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38645"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.coresecurity.com/index.php5?action=item\u0026id=2008"
        },
        {
          "name": "20071127 CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058680.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6593",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "3499",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3499"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?rs=475\u0026uid=swg21285600",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?rs=475\u0026uid=swg21285600"
            },
            {
              "name": "26604",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26604"
            },
            {
              "name": "20071127 CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/484272/100/0/threaded"
            },
            {
              "name": "1019096",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019096"
            },
            {
              "name": "ADV-2007-4012",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4012"
            },
            {
              "name": "27849",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27849"
            },
            {
              "name": "ADV-2007-4020",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4020"
            },
            {
              "name": "1019002",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019002"
            },
            {
              "name": "27836",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27836"
            },
            {
              "name": "27835",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27835"
            },
            {
              "name": "lotus-123fileviewer-bo(38645)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38645"
            },
            {
              "name": "http://www.coresecurity.com/index.php5?action=item\u0026id=2008",
              "refsource": "MISC",
              "url": "http://www.coresecurity.com/index.php5?action=item\u0026id=2008"
            },
            {
              "name": "20071127 CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058680.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6593",
    "datePublished": "2007-12-28T21:00:00",
    "dateReserved": "2007-12-28T00:00:00",
    "dateUpdated": "2024-08-07T16:11:06.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-1405

Vulnerability from cvelistv5

Published

2005-05-03 04:00

Modified

2024-08-07 21:51

Severity ?

Summary

HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications.

References

▼	URL	Tags
	http://www.osvdb.org/15365	vdb-entry, x_refsource_OSVDB
	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202437	x_refsource_CONFIRM
	http://secunia.com/advisories/14879	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/20045	vdb-entry, x_refsource_XF
	http://www.kb.cert.org/vuls/id/699798	third-party-advisory, x_refsource_CERT-VN
	http://securitytracker.com/id?1013839	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:51:49.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "15365",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/15365"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202437"
          },
          {
            "name": "14879",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/14879"
          },
          {
            "name": "lotus-sethttpheader-injection(20045)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20045"
          },
          {
            "name": "VU#699798",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/699798"
          },
          {
            "name": "1013839",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1013839"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "15365",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/15365"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202437"
        },
        {
          "name": "14879",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/14879"
        },
        {
          "name": "lotus-sethttpheader-injection(20045)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20045"
        },
        {
          "name": "VU#699798",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/699798"
        },
        {
          "name": "1013839",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1013839"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1405",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "15365",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/15365"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202437",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21202437"
            },
            {
              "name": "14879",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/14879"
            },
            {
              "name": "lotus-sethttpheader-injection(20045)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20045"
            },
            {
              "name": "VU#699798",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/699798"
            },
            {
              "name": "1013839",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1013839"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1405",
    "datePublished": "2005-05-03T04:00:00",
    "dateReserved": "2005-05-03T00:00:00",
    "dateUpdated": "2024-08-07T21:51:49.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-6349

Vulnerability from cvelistv5

Published

2013-07-18 16:00

Modified

2024-09-17 00:30

Severity ?

Summary

Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21627992	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:28:39.931Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21627992"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-07-18T16:00:00Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21627992"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-6349",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21627992",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21627992"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-6349",
    "datePublished": "2013-07-18T16:00:00Z",
    "dateReserved": "2012-12-16T00:00:00Z",
    "dateUpdated": "2024-09-17T00:30:29.802Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-0117

Vulnerability from cvelistv5

Published

2006-01-09 11:00

Modified

2024-08-07 16:25

Severity ?

Summary

Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving "CD to MIME Conversion".

References

▼	URL	Tags
	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg27007054	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/16158	vdb-entry, x_refsource_BID
	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24205	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/18328	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/0081	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:25:33.650Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
          },
          {
            "name": "16158",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16158"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument"
          },
          {
            "name": "lotus-cdtomime-dos(24205)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24205"
          },
          {
            "name": "18328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18328"
          },
          {
            "name": "ADV-2006-0081",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0081"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving \"CD to MIME Conversion\"."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
        },
        {
          "name": "16158",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16158"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument"
        },
        {
          "name": "lotus-cdtomime-dos(24205)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24205"
        },
        {
          "name": "18328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18328"
        },
        {
          "name": "ADV-2006-0081",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0081"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0117",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving \"CD to MIME Conversion\"."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
            },
            {
              "name": "16158",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16158"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument"
            },
            {
              "name": "lotus-cdtomime-dos(24205)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24205"
            },
            {
              "name": "18328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18328"
            },
            {
              "name": "ADV-2006-0081",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0081"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0117",
    "datePublished": "2006-01-09T11:00:00",
    "dateReserved": "2006-01-09T00:00:00",
    "dateUpdated": "2024-08-07T16:25:33.650Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2000-1117

Vulnerability from cvelistv5

Published

2000-12-19 05:00

Modified

2024-08-08 05:45

Severity ?

Summary

The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.

References

▼	URL	Tags
	http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/1994	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T05:45:37.053Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20001124 Security Hole in ECL Feature of Java VM Embedded in Lotus Notes Client R5",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html"
          },
          {
            "name": "1994",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/1994"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2000-11-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-11-02T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20001124 Security Hole in ECL Feature of Java VM Embedded in Lotus Notes Client R5",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html"
        },
        {
          "name": "1994",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/1994"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2000-1117",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20001124 Security Hole in ECL Feature of Java VM Embedded in Lotus Notes Client R5",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html"
            },
            {
              "name": "1994",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/1994"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2000-1117",
    "datePublished": "2000-12-19T05:00:00",
    "dateReserved": "2000-12-14T00:00:00",
    "dateUpdated": "2024-08-08T05:45:37.053Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5544

Vulnerability from cvelistv5

Published

2007-10-29 21:00

Modified

2024-08-07 15:31

Severity ?

Summary

IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.

References

▼	URL	Tags
	http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt	x_refsource_MISC
	http://www.securityfocus.com/bid/26146	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2007/3598	vdb-entry, x_refsource_VUPEN
	http://www-1.ibm.com/support/docview.wss?uid=swg21257030	x_refsource_CONFIRM
	http://secunia.com/advisories/27321	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:59.000Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt"
          },
          {
            "name": "26146",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26146"
          },
          {
            "name": "ADV-2007-3598",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3598"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257030"
          },
          {
            "name": "27321",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27321"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt"
        },
        {
          "name": "26146",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26146"
        },
        {
          "name": "ADV-2007-3598",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3598"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257030"
        },
        {
          "name": "27321",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27321"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5544",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt",
              "refsource": "MISC",
              "url": "http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt"
            },
            {
              "name": "26146",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26146"
            },
            {
              "name": "ADV-2007-3598",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3598"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257030",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257030"
            },
            {
              "name": "27321",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27321"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5544",
    "datePublished": "2007-10-29T21:00:00",
    "dateReserved": "2007-10-18T00:00:00",
    "dateUpdated": "2024-08-07T15:31:59.000Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4846

Vulnerability from cvelistv5

Published

2012-12-19 11:00

Modified

2024-08-06 20:50

Severity ?

Summary

IBM Lotus Notes 8.5.x before 8.5.3 FP3 does not include the HTTPOnly flag in a Set-Cookie header for a web-application cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, aka SPRs JMAS7TRNLN and SRAO8U3Q68.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/79535	vdb-entry, x_refsource_XF
	http://www.ibm.com/support/docview.wss?uid=swg21620361	x_refsource_CONFIRM
	http://www.ibm.com/support/docview.wss?uid=swg21619604	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:50:17.337Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "lotus-notes-httponly-info-disc(79535)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79535"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21620361"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21619604"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-12-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus Notes 8.5.x before 8.5.3 FP3 does not include the HTTPOnly flag in a Set-Cookie header for a web-application cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, aka SPRs JMAS7TRNLN and SRAO8U3Q68."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "lotus-notes-httponly-info-disc(79535)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79535"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21620361"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21619604"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-4846",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus Notes 8.5.x before 8.5.3 FP3 does not include the HTTPOnly flag in a Set-Cookie header for a web-application cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, aka SPRs JMAS7TRNLN and SRAO8U3Q68."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "lotus-notes-httponly-info-disc(79535)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79535"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21620361",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21620361"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21619604",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21619604"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-4846",
    "datePublished": "2012-12-19T11:00:00",
    "dateReserved": "2012-09-06T00:00:00",
    "dateUpdated": "2024-08-06T20:50:17.337Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-1217

Vulnerability from cvelistv5

Published

2011-05-31 20:00

Modified

2024-08-06 22:21

Severity ?

Summary

Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg21500034	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/47962	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/44624	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/67624	vdb-entry, x_refsource_XF
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14822	vdb-entry, signature, x_refsource_OVAL

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:21:33.904Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
          },
          {
            "name": "47962",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47962"
          },
          {
            "name": "44624",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44624"
          },
          {
            "name": "lotus-notes-kpprzrdr-bo(67624)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67624"
          },
          {
            "name": "oval:org.mitre.oval:def:14822",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14822"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
        },
        {
          "name": "47962",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47962"
        },
        {
          "name": "44624",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44624"
        },
        {
          "name": "lotus-notes-kpprzrdr-bo(67624)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67624"
        },
        {
          "name": "oval:org.mitre.oval:def:14822",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14822"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1217",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21500034",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
            },
            {
              "name": "47962",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47962"
            },
            {
              "name": "44624",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44624"
            },
            {
              "name": "lotus-notes-kpprzrdr-bo(67624)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67624"
            },
            {
              "name": "oval:org.mitre.oval:def:14822",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14822"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1217",
    "datePublished": "2011-05-31T20:00:00",
    "dateReserved": "2011-03-03T00:00:00",
    "dateUpdated": "2024-08-06T22:21:33.904Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-3778

Vulnerability from cvelistv5

Published

2006-07-21 18:00

Modified

2024-08-07 18:39

Severity ?

Summary

IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is inside the "phrase" portion of an address, which can cause the e-mail to be sent to users that were deleted from the To, CC, and BCC fields, which allows remote attackers to obtain the list of original recipients.

References

▼	URL	Tags
	http://securitytracker.com/id?1016516	vdb-entry, x_refsource_SECTRACK
	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21243602	x_refsource_CONFIRM
	http://securitytracker.com/id?1016819	vdb-entry, x_refsource_SECTRACK
	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21240386	x_refsource_CONFIRM
	http://secunia.com/advisories/21096	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:39:54.132Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1016516",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016516"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21243602"
          },
          {
            "name": "1016819",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016819"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21240386"
          },
          {
            "name": "21096",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21096"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) \"Save As Draft\" option is used or (2) a \",\" (comma) is inside the \"phrase\" portion of an address, which can cause the e-mail to be sent to users that were deleted from the To, CC, and BCC fields, which allows remote attackers to obtain the list of original recipients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-09-15T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1016516",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016516"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21243602"
        },
        {
          "name": "1016819",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016819"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21240386"
        },
        {
          "name": "21096",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21096"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3778",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) \"Save As Draft\" option is used or (2) a \",\" (comma) is inside the \"phrase\" portion of an address, which can cause the e-mail to be sent to users that were deleted from the To, CC, and BCC fields, which allows remote attackers to obtain the list of original recipients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1016516",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016516"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21243602",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21243602"
            },
            {
              "name": "1016819",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016819"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21240386",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21240386"
            },
            {
              "name": "21096",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21096"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3778",
    "datePublished": "2006-07-21T18:00:00",
    "dateReserved": "2006-07-21T00:00:00",
    "dateUpdated": "2024-08-07T18:39:54.132Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5910

Vulnerability from cvelistv5

Published

2007-11-10 02:00

Modified

2024-08-07 15:47

Severity ?

Summary

Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file.

References

▼	URL	Tags
	http://vuln.sg/lotusnotes702wpd-en.html	x_refsource_MISC
	http://securityreason.com/securityalert/3357	third-party-advisory, x_refsource_SREASON
	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111	x_refsource_CONFIRM
	http://securitytracker.com/id?1018853	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/482664	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2007/3697	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/26175	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/27304	third-party-advisory, x_refsource_SECUNIA
	http://vuln.sg/lotusnotes702-en.html	x_refsource_MISC
	http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html	x_refsource_CONFIRM
	http://securitytracker.com/id?1018886	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2007/3596	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:47:00.587Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://vuln.sg/lotusnotes702wpd-en.html"
          },
          {
            "name": "3357",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3357"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
          },
          {
            "name": "1018853",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018853"
          },
          {
            "name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/482664"
          },
          {
            "name": "ADV-2007-3697",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3697"
          },
          {
            "name": "26175",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26175"
          },
          {
            "name": "27304",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27304"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://vuln.sg/lotusnotes702-en.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
          },
          {
            "name": "1018886",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018886"
          },
          {
            "name": "ADV-2007-3596",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3596"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-11-28T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://vuln.sg/lotusnotes702wpd-en.html"
        },
        {
          "name": "3357",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3357"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
        },
        {
          "name": "1018853",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018853"
        },
        {
          "name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/482664"
        },
        {
          "name": "ADV-2007-3697",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3697"
        },
        {
          "name": "26175",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26175"
        },
        {
          "name": "27304",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27304"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://vuln.sg/lotusnotes702-en.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
        },
        {
          "name": "1018886",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018886"
        },
        {
          "name": "ADV-2007-3596",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3596"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5910",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://vuln.sg/lotusnotes702wpd-en.html",
              "refsource": "MISC",
              "url": "http://vuln.sg/lotusnotes702wpd-en.html"
            },
            {
              "name": "3357",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3357"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
            },
            {
              "name": "1018853",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018853"
            },
            {
              "name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/482664"
            },
            {
              "name": "ADV-2007-3697",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3697"
            },
            {
              "name": "26175",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26175"
            },
            {
              "name": "27304",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27304"
            },
            {
              "name": "http://vuln.sg/lotusnotes702-en.html",
              "refsource": "MISC",
              "url": "http://vuln.sg/lotusnotes702-en.html"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html",
              "refsource": "CONFIRM",
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
            },
            {
              "name": "1018886",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018886"
            },
            {
              "name": "ADV-2007-3596",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3596"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5910",
    "datePublished": "2007-11-10T02:00:00",
    "dateReserved": "2007-11-09T00:00:00",
    "dateUpdated": "2024-08-07T15:47:00.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0536

Vulnerability from cvelistv5

Published

2013-06-21 17:00

Modified

2024-08-06 14:33

Severity ?

Summary

ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/82658	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21633827	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:05.247Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "notes-cve20130536-code-exec(82658)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82658"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-06-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "notes-cve20130536-code-exec(82658)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82658"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-0536",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "notes-cve20130536-code-exec(82658)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82658"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633827"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-0536",
    "datePublished": "2013-06-21T17:00:00",
    "dateReserved": "2012-12-16T00:00:00",
    "dateUpdated": "2024-08-06T14:33:05.247Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6706

Vulnerability from cvelistv5

Published

2008-03-09 02:00

Modified

2024-08-07 16:18

Severity ?

Summary

Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP.

References

▼	URL	Tags
	http://osvdb.org/40956	vdb-entry, x_refsource_OSVDB
	http://www-1.ibm.com/support/docview.wss?uid=swg21271957	x_refsource_CONFIRM
	http://securitytracker.com/id?1019464	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/27279	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/3597	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:18:20.570Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "40956",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/40956"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957"
          },
          {
            "name": "1019464",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019464"
          },
          {
            "name": "27279",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27279"
          },
          {
            "name": "ADV-2007-3597",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3597"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-15T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "40956",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/40956"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957"
        },
        {
          "name": "1019464",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019464"
        },
        {
          "name": "27279",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27279"
        },
        {
          "name": "ADV-2007-3597",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3597"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6706",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "40956",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/40956"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957"
            },
            {
              "name": "1019464",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019464"
            },
            {
              "name": "27279",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27279"
            },
            {
              "name": "ADV-2007-3597",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3597"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6706",
    "datePublished": "2008-03-09T02:00:00",
    "dateReserved": "2008-03-08T00:00:00",
    "dateUpdated": "2024-08-07T16:18:20.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-1941

Vulnerability from cvelistv5

Published

2007-04-11 01:00

Modified

2024-08-07 13:13

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843.

References

▼	URL	Tags
	http://www.securitytracker.com/id?1017870	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/23421	vdb-entry, x_refsource_BID
	http://www.intrinsec.com/Advisory_DWA_XSS_200704.txt	x_refsource_MISC
	http://www-1.ibm.com/support/docview.wss?rs=477&uid=swg21247201	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:13:41.862Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1017870",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1017870"
          },
          {
            "name": "23421",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/23421"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.intrinsec.com/Advisory_DWA_XSS_200704.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21247201"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-04-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-04-18T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1017870",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1017870"
        },
        {
          "name": "23421",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/23421"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.intrinsec.com/Advisory_DWA_XSS_200704.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21247201"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1941",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-4843."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1017870",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1017870"
            },
            {
              "name": "23421",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/23421"
            },
            {
              "name": "http://www.intrinsec.com/Advisory_DWA_XSS_200704.txt",
              "refsource": "MISC",
              "url": "http://www.intrinsec.com/Advisory_DWA_XSS_200704.txt"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21247201",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21247201"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-1941",
    "datePublished": "2007-04-11T01:00:00",
    "dateReserved": "2007-04-10T00:00:00",
    "dateUpdated": "2024-08-07T13:13:41.862Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-5251

Vulnerability from cvelistv5

Published

2012-09-07 10:00

Modified

2024-09-17 03:13

Severity ?

Summary

Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges via a Trojan horse (1) nnoteswc.dll or (2) nlsxbe.dll file in the current working directory, as demonstrated by a directory that contains a .vcf, .vcs, or .ics file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References

▼	URL	Tags
	http://secunia.com/advisories/41223	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:17:10.028Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "41223",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41223"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges via a Trojan horse (1) nnoteswc.dll or (2) nlsxbe.dll file in the current working directory, as demonstrated by a directory that contains a .vcf, .vcs, or .ics file.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-09-07T10:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "41223",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41223"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-5251",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges via a Trojan horse (1) nnoteswc.dll or (2) nlsxbe.dll file in the current working directory, as demonstrated by a directory that contains a .vcf, .vcs, or .ics file.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "41223",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41223"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-5251",
    "datePublished": "2012-09-07T10:00:00Z",
    "dateReserved": "2012-09-07T00:00:00Z",
    "dateUpdated": "2024-09-17T03:13:51.879Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5405

Vulnerability from cvelistv5

Published

2008-04-10 18:00

Modified

2024-08-07 15:31

Severity ?

Summary

Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag.

References

▼	URL	Tags
	http://secunia.com/advisories/28140	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/29342	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/secunia_research/2007-97/advisory/	x_refsource_MISC
	http://secunia.com/advisories/27763	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/41721	vdb-entry, x_refsource_XF
	http://www.symantec.com/avcenter/security/Content/2008.04.08e.html	x_refsource_CONFIRM
	http://secunia.com/advisories/28209	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/490838/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/secunia_research/2007-96/advisory/	x_refsource_MISC
	http://www.vupen.com/english/advisories/2008/1156	vdb-entry, x_refsource_VUPEN
	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/28454	vdb-entry, x_refsource_BID
	http://secunia.com/secunia_research/2007-95/advisory/	x_refsource_MISC
	http://secunia.com/advisories/28210	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1019844	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/490825/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2008/1154	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/archive/1/490837/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/secunia_research/2007-98/advisory/	x_refsource_MISC
	http://www.securityfocus.com/archive/1/490839/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://securitytracker.com/id?1019805	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2008/1153	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:58.216Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28140",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28140"
          },
          {
            "name": "29342",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29342"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-97/advisory/"
          },
          {
            "name": "27763",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27763"
          },
          {
            "name": "autonomy-keyview-applix-multiple-bo(41721)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
          },
          {
            "name": "28209",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28209"
          },
          {
            "name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-96/advisory/"
          },
          {
            "name": "ADV-2008-1156",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1156"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
          },
          {
            "name": "28454",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28454"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-95/advisory/"
          },
          {
            "name": "28210",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28210"
          },
          {
            "name": "1019844",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019844"
          },
          {
            "name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
          },
          {
            "name": "ADV-2008-1154",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1154"
          },
          {
            "name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-98/advisory/"
          },
          {
            "name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
          },
          {
            "name": "1019805",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019805"
          },
          {
            "name": "ADV-2008-1153",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1153"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "28140",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28140"
        },
        {
          "name": "29342",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29342"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-97/advisory/"
        },
        {
          "name": "27763",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27763"
        },
        {
          "name": "autonomy-keyview-applix-multiple-bo(41721)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
        },
        {
          "name": "28209",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28209"
        },
        {
          "name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-96/advisory/"
        },
        {
          "name": "ADV-2008-1156",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1156"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
        },
        {
          "name": "28454",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28454"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-95/advisory/"
        },
        {
          "name": "28210",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28210"
        },
        {
          "name": "1019844",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019844"
        },
        {
          "name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
        },
        {
          "name": "ADV-2008-1154",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1154"
        },
        {
          "name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-98/advisory/"
        },
        {
          "name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
        },
        {
          "name": "1019805",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019805"
        },
        {
          "name": "ADV-2008-1153",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1153"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2007-5405",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "28140",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28140"
            },
            {
              "name": "29342",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29342"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-97/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-97/advisory/"
            },
            {
              "name": "27763",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27763"
            },
            {
              "name": "autonomy-keyview-applix-multiple-bo(41721)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41721"
            },
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
            },
            {
              "name": "28209",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28209"
            },
            {
              "name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-96/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-96/advisory/"
            },
            {
              "name": "ADV-2008-1156",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1156"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
            },
            {
              "name": "28454",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28454"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-95/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-95/advisory/"
            },
            {
              "name": "28210",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28210"
            },
            {
              "name": "1019844",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019844"
            },
            {
              "name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
            },
            {
              "name": "ADV-2008-1154",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1154"
            },
            {
              "name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-98/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-98/advisory/"
            },
            {
              "name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
            },
            {
              "name": "1019805",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019805"
            },
            {
              "name": "ADV-2008-1153",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1153"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2007-5405",
    "datePublished": "2008-04-10T18:00:00",
    "dateReserved": "2007-10-12T00:00:00",
    "dateUpdated": "2024-08-07T15:31:58.216Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5406

Vulnerability from cvelistv5

Published

2008-04-10 18:00

Modified

2024-08-07 15:31

Severity ?

Summary

kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file.

References

▼	URL	Tags
	http://secunia.com/advisories/28140	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/29342	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/secunia_research/2007-97/advisory/	x_refsource_MISC
	http://secunia.com/advisories/27763	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28209	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/490838/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/41722	vdb-entry, x_refsource_XF
	http://secunia.com/secunia_research/2007-96/advisory/	x_refsource_MISC
	http://www.vupen.com/english/advisories/2008/1156	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/28454	vdb-entry, x_refsource_BID
	http://secunia.com/secunia_research/2007-95/advisory/	x_refsource_MISC
	http://secunia.com/advisories/28210	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1019844	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/490825/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2008/1154	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/archive/1/490837/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/secunia_research/2007-98/advisory/	x_refsource_MISC
	http://www.securityfocus.com/archive/1/490839/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://securitytracker.com/id?1019805	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2008/1153	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:58.865Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28140",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28140"
          },
          {
            "name": "29342",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29342"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-97/advisory/"
          },
          {
            "name": "27763",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27763"
          },
          {
            "name": "28209",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28209"
          },
          {
            "name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
          },
          {
            "name": "autonomy-keyview-applix-dos(41722)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41722"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-96/advisory/"
          },
          {
            "name": "ADV-2008-1156",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1156"
          },
          {
            "name": "28454",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28454"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-95/advisory/"
          },
          {
            "name": "28210",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28210"
          },
          {
            "name": "1019844",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019844"
          },
          {
            "name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
          },
          {
            "name": "ADV-2008-1154",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1154"
          },
          {
            "name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-98/advisory/"
          },
          {
            "name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
          },
          {
            "name": "1019805",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019805"
          },
          {
            "name": "ADV-2008-1153",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1153"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "28140",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28140"
        },
        {
          "name": "29342",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29342"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-97/advisory/"
        },
        {
          "name": "27763",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27763"
        },
        {
          "name": "28209",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28209"
        },
        {
          "name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
        },
        {
          "name": "autonomy-keyview-applix-dos(41722)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41722"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-96/advisory/"
        },
        {
          "name": "ADV-2008-1156",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1156"
        },
        {
          "name": "28454",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28454"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-95/advisory/"
        },
        {
          "name": "28210",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28210"
        },
        {
          "name": "1019844",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019844"
        },
        {
          "name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
        },
        {
          "name": "ADV-2008-1154",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1154"
        },
        {
          "name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-98/advisory/"
        },
        {
          "name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
        },
        {
          "name": "1019805",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019805"
        },
        {
          "name": "ADV-2008-1153",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1153"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2007-5406",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "28140",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28140"
            },
            {
              "name": "29342",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29342"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-97/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-97/advisory/"
            },
            {
              "name": "27763",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27763"
            },
            {
              "name": "28209",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28209"
            },
            {
              "name": "20080414 Secunia Research: Symantec Mail Security Applix Graphics ParsingVulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490838/100/0/threaded"
            },
            {
              "name": "autonomy-keyview-applix-dos(41722)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41722"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-96/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-96/advisory/"
            },
            {
              "name": "ADV-2008-1156",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1156"
            },
            {
              "name": "28454",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28454"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-95/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-95/advisory/"
            },
            {
              "name": "28210",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28210"
            },
            {
              "name": "1019844",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019844"
            },
            {
              "name": "20080414 Secunia Research: Lotus Notes Applix Graphics ParsingVulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490825/100/0/threaded"
            },
            {
              "name": "ADV-2008-1154",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1154"
            },
            {
              "name": "20080414 Secunia Research: Autonomy Keyview Applix Graphics ParsingVulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490837/100/0/threaded"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-98/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-98/advisory/"
            },
            {
              "name": "20080414 Secunia Research: activePDF DocConverter Applix Graphics ParsingVulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490839/100/0/threaded"
            },
            {
              "name": "1019805",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019805"
            },
            {
              "name": "ADV-2008-1153",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1153"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2007-5406",
    "datePublished": "2008-04-10T18:00:00",
    "dateReserved": "2007-10-12T00:00:00",
    "dateUpdated": "2024-08-07T15:31:58.865Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-1217

Vulnerability from cvelistv5

Published

2008-03-09 02:00

Modified

2024-08-07 08:17

Severity ?

Summary

Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21271957	x_refsource_CONFIRM
	http://securitytracker.com/id?1019464	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:17:34.529Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957"
          },
          {
            "name": "1019464",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019464"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-02-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-09-03T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957"
        },
        {
          "name": "1019464",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019464"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1217",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21271957"
            },
            {
              "name": "1019464",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019464"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1217",
    "datePublished": "2008-03-09T02:00:00",
    "dateReserved": "2008-03-08T00:00:00",
    "dateUpdated": "2024-08-07T08:17:34.529Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-0120

Vulnerability from cvelistv5

Published

2006-01-09 11:00

Modified

2024-08-07 16:25

Severity ?

Summary

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an "Out Of Office" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3) malformed bitmap images (MYAA6FH5HW), (4) the "Delete Attachment" action (YPHG6844LD), (5) parsing certificates from a remote Certificate Table (AELE6DZFJW), and (6) creating a SSL key ring with the Domino Administration client (NSUA4FQPTN).

References

▼	URL	Tags
	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a1f266afb26c852570e4001baf5e?OpenDocument	x_refsource_CONFIRM
	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ad0dd14aa109f96b852570e4001bb08c?OpenDocument	x_refsource_CONFIRM
	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/5f166a44ee743b2c852570e4001baf31?OpenDocument	x_refsource_CONFIRM
	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/040482aeb1416bb7852570e4001badd6?OpenDocument	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg27007054	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24212	vdb-entry, x_refsource_XF
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24214	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/16158	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24213	vdb-entry, x_refsource_XF
	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f466a9e986ae852570e4001babbb?OpenDocument	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24215	vdb-entry, x_refsource_XF
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24216	vdb-entry, x_refsource_XF
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24217	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/18328	third-party-advisory, x_refsource_SECUNIA
	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/258394eaa824f2c08525708a004209d3?OpenDocument	x_refsource_CONFIRM
	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ced5f873baea4e8b852570e4001baa6d?OpenDocument	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2006/0081	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:25:33.693Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a1f266afb26c852570e4001baf5e?OpenDocument"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ad0dd14aa109f96b852570e4001bb08c?OpenDocument"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/5f166a44ee743b2c852570e4001baf31?OpenDocument"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/040482aeb1416bb7852570e4001badd6?OpenDocument"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
          },
          {
            "name": "lotus-outofoffice-dos(24212)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24212"
          },
          {
            "name": "lotus-bmp-dos(24214)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24214"
          },
          {
            "name": "16158",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16158"
          },
          {
            "name": "lotus-compact-dos(24213)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24213"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f466a9e986ae852570e4001babbb?OpenDocument"
          },
          {
            "name": "lotus-delete-attachment-dos(24215)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24215"
          },
          {
            "name": "lotus-certificate-parsing-dos(24216)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24216"
          },
          {
            "name": "lotus-ssl-keyring-dos(24217)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24217"
          },
          {
            "name": "18328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/258394eaa824f2c08525708a004209d3?OpenDocument"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ced5f873baea4e8b852570e4001baa6d?OpenDocument"
          },
          {
            "name": "ADV-2006-0081",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0081"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an \"Out Of Office\" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3) malformed bitmap images (MYAA6FH5HW), (4) the \"Delete Attachment\" action (YPHG6844LD), (5) parsing certificates from a remote Certificate Table (AELE6DZFJW), and (6) creating a SSL key ring with the Domino Administration client (NSUA4FQPTN)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a1f266afb26c852570e4001baf5e?OpenDocument"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ad0dd14aa109f96b852570e4001bb08c?OpenDocument"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/5f166a44ee743b2c852570e4001baf31?OpenDocument"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/040482aeb1416bb7852570e4001badd6?OpenDocument"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
        },
        {
          "name": "lotus-outofoffice-dos(24212)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24212"
        },
        {
          "name": "lotus-bmp-dos(24214)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24214"
        },
        {
          "name": "16158",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16158"
        },
        {
          "name": "lotus-compact-dos(24213)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24213"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f466a9e986ae852570e4001babbb?OpenDocument"
        },
        {
          "name": "lotus-delete-attachment-dos(24215)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24215"
        },
        {
          "name": "lotus-certificate-parsing-dos(24216)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24216"
        },
        {
          "name": "lotus-ssl-keyring-dos(24217)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24217"
        },
        {
          "name": "18328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/258394eaa824f2c08525708a004209d3?OpenDocument"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ced5f873baea4e8b852570e4001baa6d?OpenDocument"
        },
        {
          "name": "ADV-2006-0081",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0081"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0120",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an \"Out Of Office\" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3) malformed bitmap images (MYAA6FH5HW), (4) the \"Delete Attachment\" action (YPHG6844LD), (5) parsing certificates from a remote Certificate Table (AELE6DZFJW), and (6) creating a SSL key ring with the Domino Administration client (NSUA4FQPTN)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a1f266afb26c852570e4001baf5e?OpenDocument",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a1f266afb26c852570e4001baf5e?OpenDocument"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ad0dd14aa109f96b852570e4001bb08c?OpenDocument",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ad0dd14aa109f96b852570e4001bb08c?OpenDocument"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/5f166a44ee743b2c852570e4001baf31?OpenDocument",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/5f166a44ee743b2c852570e4001baf31?OpenDocument"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/040482aeb1416bb7852570e4001badd6?OpenDocument",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/040482aeb1416bb7852570e4001badd6?OpenDocument"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
            },
            {
              "name": "lotus-outofoffice-dos(24212)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24212"
            },
            {
              "name": "lotus-bmp-dos(24214)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24214"
            },
            {
              "name": "16158",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16158"
            },
            {
              "name": "lotus-compact-dos(24213)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24213"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f466a9e986ae852570e4001babbb?OpenDocument",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f466a9e986ae852570e4001babbb?OpenDocument"
            },
            {
              "name": "lotus-delete-attachment-dos(24215)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24215"
            },
            {
              "name": "lotus-certificate-parsing-dos(24216)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24216"
            },
            {
              "name": "lotus-ssl-keyring-dos(24217)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24217"
            },
            {
              "name": "18328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18328"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/258394eaa824f2c08525708a004209d3?OpenDocument",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/258394eaa824f2c08525708a004209d3?OpenDocument"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ced5f873baea4e8b852570e4001baa6d?OpenDocument",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ced5f873baea4e8b852570e4001baa6d?OpenDocument"
            },
            {
              "name": "ADV-2006-0081",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0081"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0120",
    "datePublished": "2006-01-09T11:00:00",
    "dateReserved": "2006-01-09T00:00:00",
    "dateUpdated": "2024-08-07T16:25:33.693Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-2175

Vulnerability from cvelistv5

Published

2005-07-09 04:00

Modified

2024-08-07 22:15

Severity ?

Summary

The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.

References

▼	URL	Tags
	http://securitytracker.com/id?1014440	vdb-entry, x_refsource_SECTRACK
	http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:15:37.668Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1014440",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014440"
          },
          {
            "name": "20050706 Cross site scripting in Lotus Notes web mail",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-07-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-07-14T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1014440",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014440"
        },
        {
          "name": "20050706 Cross site scripting in Lotus Notes web mail",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-2175",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1014440",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1014440"
            },
            {
              "name": "20050706 Cross site scripting in Lotus Notes web mail",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-2175",
    "datePublished": "2005-07-09T04:00:00",
    "dateReserved": "2005-07-09T00:00:00",
    "dateUpdated": "2024-08-07T22:15:37.668Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5909

Vulnerability from cvelistv5

Published

2007-11-10 02:00

Modified

2024-08-07 15:47

Severity ?

Summary

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910.

References

▼	URL	Tags
	http://securityreason.com/securityalert/3357	third-party-advisory, x_refsource_SREASON
	http://www.zerodayinitiative.com/advisories/ZDI-07-059.html	x_refsource_MISC
	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111	x_refsource_CONFIRM
	http://securitytracker.com/id?1018853	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/482664	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2007/3697	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/26175	vdb-entry, x_refsource_BID
	http://vuln.sg/lotusnotes702sam-en.html	x_refsource_MISC
	http://vuln.sg/lotusnotes702mif-en.html	x_refsource_MISC
	http://www.securityfocus.com/archive/1/483102/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/27304	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21272836	x_refsource_CONFIRM
	http://vuln.sg/lotusnotes702-en.html	x_refsource_MISC
	http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html	x_refsource_CONFIRM
	http://securitytracker.com/id?1018886	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2007/3596	vdb-entry, x_refsource_VUPEN
	http://vuln.sg/lotusnotes702doc-en.html	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:47:00.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "3357",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/3357"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
          },
          {
            "name": "1018853",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018853"
          },
          {
            "name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/482664"
          },
          {
            "name": "ADV-2007-3697",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3697"
          },
          {
            "name": "26175",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26175"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://vuln.sg/lotusnotes702sam-en.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://vuln.sg/lotusnotes702mif-en.html"
          },
          {
            "name": "20071031 ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/483102/100/0/threaded"
          },
          {
            "name": "27304",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27304"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://vuln.sg/lotusnotes702-en.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
          },
          {
            "name": "1018886",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018886"
          },
          {
            "name": "ADV-2007-3596",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3596"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://vuln.sg/lotusnotes702doc-en.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll.  NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "3357",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/3357"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
        },
        {
          "name": "1018853",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018853"
        },
        {
          "name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/482664"
        },
        {
          "name": "ADV-2007-3697",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3697"
        },
        {
          "name": "26175",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26175"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://vuln.sg/lotusnotes702sam-en.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://vuln.sg/lotusnotes702mif-en.html"
        },
        {
          "name": "20071031 ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/483102/100/0/threaded"
        },
        {
          "name": "27304",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27304"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://vuln.sg/lotusnotes702-en.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
        },
        {
          "name": "1018886",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018886"
        },
        {
          "name": "ADV-2007-3596",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3596"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://vuln.sg/lotusnotes702doc-en.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5909",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll.  NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "3357",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/3357"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-059.html"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21271111"
            },
            {
              "name": "1018853",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018853"
            },
            {
              "name": "20071023 [vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/482664"
            },
            {
              "name": "ADV-2007-3697",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3697"
            },
            {
              "name": "26175",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26175"
            },
            {
              "name": "http://vuln.sg/lotusnotes702sam-en.html",
              "refsource": "MISC",
              "url": "http://vuln.sg/lotusnotes702sam-en.html"
            },
            {
              "name": "http://vuln.sg/lotusnotes702mif-en.html",
              "refsource": "MISC",
              "url": "http://vuln.sg/lotusnotes702mif-en.html"
            },
            {
              "name": "20071031 ZDI-07-059: Verity KeyView SDK Multiple File Format Parsing Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/483102/100/0/threaded"
            },
            {
              "name": "27304",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27304"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=899\u0026uid=swg21272836"
            },
            {
              "name": "http://vuln.sg/lotusnotes702-en.html",
              "refsource": "MISC",
              "url": "http://vuln.sg/lotusnotes702-en.html"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html",
              "refsource": "CONFIRM",
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.11.01c.html"
            },
            {
              "name": "1018886",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018886"
            },
            {
              "name": "ADV-2007-3596",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3596"
            },
            {
              "name": "http://vuln.sg/lotusnotes702doc-en.html",
              "refsource": "MISC",
              "url": "http://vuln.sg/lotusnotes702doc-en.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5909",
    "datePublished": "2007-11-10T02:00:00",
    "dateReserved": "2007-11-09T00:00:00",
    "dateUpdated": "2024-08-07T15:47:00.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-1218

Vulnerability from cvelistv5

Published

2011-05-31 20:00

Modified

2024-08-06 22:21

Severity ?

Summary

Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg21500034	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/47962	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/44624	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14238	vdb-entry, signature, x_refsource_OVAL
	https://exchange.xforce.ibmcloud.com/vulnerabilities/67625	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:21:33.490Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
          },
          {
            "name": "47962",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47962"
          },
          {
            "name": "44624",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44624"
          },
          {
            "name": "oval:org.mitre.oval:def:14238",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14238"
          },
          {
            "name": "lotus-notes-kvarcve-bo(67625)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67625"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
        },
        {
          "name": "47962",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47962"
        },
        {
          "name": "44624",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44624"
        },
        {
          "name": "oval:org.mitre.oval:def:14238",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14238"
        },
        {
          "name": "lotus-notes-kvarcve-bo(67625)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67625"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1218",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21500034",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
            },
            {
              "name": "47962",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47962"
            },
            {
              "name": "44624",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44624"
            },
            {
              "name": "oval:org.mitre.oval:def:14238",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14238"
            },
            {
              "name": "lotus-notes-kvarcve-bo(67625)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67625"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1218",
    "datePublished": "2011-05-31T20:00:00",
    "dateReserved": "2011-03-03T00:00:00",
    "dateUpdated": "2024-08-06T22:21:33.490Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-2281

Vulnerability from cvelistv5

Published

2005-07-19 04:00

Modified

2024-08-08 01:22

Severity ?

Summary

Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3.

References

▼	URL	Tags
	http://www.osvdb.org/8416	vdb-entry, x_refsource_OSVDB
	http://www.osvdb.org/8417	vdb-entry, x_refsource_OSVDB
	http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&q1=Java&uid=swg21173910&loc=en_US&cs=utf-8&lang=en	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/10704	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/12046	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:22:13.463Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "8416",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/8416"
          },
          {
            "name": "8417",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/8417"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en"
          },
          {
            "name": "10704",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10704"
          },
          {
            "name": "12046",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12046"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-07-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-01-10T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "8416",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/8416"
        },
        {
          "name": "8417",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/8417"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en"
        },
        {
          "name": "10704",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10704"
        },
        {
          "name": "12046",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12046"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2281",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unknown vulnerabilities in IBM Lotus Notes 6.5.x before 6.5.4 and 6.0.x before 6.0.5 have unknown impact and attack vectors, related to Java applets, as identified by (1) KSPR5YS6GR and (2) KSPR62F4D3."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "8416",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/8416"
            },
            {
              "name": "8417",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/8417"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en"
            },
            {
              "name": "10704",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10704"
            },
            {
              "name": "12046",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12046"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-2281",
    "datePublished": "2005-07-19T04:00:00",
    "dateReserved": "2005-07-19T00:00:00",
    "dateUpdated": "2024-08-08T01:22:13.463Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4820

Vulnerability from cvelistv5

Published

2013-01-11 00:00

Modified

2024-08-06 20:50

Severity ?

Summary

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method."

References

▼	URL	Tags
	http://rhn.redhat.com/errata/RHSA-2012-1466.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2012/Sep/38	mailing-list, x_refsource_BUGTRAQ
	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/55495	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg21631786	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	x_refsource_CONFIRM
	http://secunia.com/advisories/51327	third-party-advisory, x_refsource_SECUNIA
	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/78764	vdb-entry, x_refsource_XF
	http://rhn.redhat.com/errata/RHSA-2012-1467.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2012-1465.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/51328	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	x_refsource_CONFIRM
	http://secunia.com/advisories/51634	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/51393	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/51326	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:50:17.367Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2012:1466",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
          },
          {
            "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2012/Sep/38"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "55495",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55495"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
          },
          {
            "name": "51327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51327"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
          },
          {
            "name": "ibm-java-invoke-code-execution(78764)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
          },
          {
            "name": "RHSA-2012:1467",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
          },
          {
            "name": "RHSA-2012:1465",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
          },
          {
            "name": "51328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
          },
          {
            "name": "51634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51634"
          },
          {
            "name": "IV29654",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "51393",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51393"
          },
          {
            "name": "51326",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51326"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to \"insecure use of the java.lang.reflect.Method invoke() method.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "RHSA-2012:1466",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
        },
        {
          "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2012/Sep/38"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "55495",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55495"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
        },
        {
          "name": "51327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51327"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
        },
        {
          "name": "ibm-java-invoke-code-execution(78764)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
        },
        {
          "name": "RHSA-2012:1467",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
        },
        {
          "name": "RHSA-2012:1465",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
        },
        {
          "name": "51328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
        },
        {
          "name": "51634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51634"
        },
        {
          "name": "IV29654",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "51393",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51393"
        },
        {
          "name": "51326",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51326"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-4820",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to \"insecure use of the java.lang.reflect.Method invoke() method.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2012:1466",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
            },
            {
              "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
              "refsource": "BUGTRAQ",
              "url": "http://seclists.org/bugtraq/2012/Sep/38"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "55495",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/55495"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
            },
            {
              "name": "51327",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51327"
            },
            {
              "name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
              "refsource": "CONFIRM",
              "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
            },
            {
              "name": "ibm-java-invoke-code-execution(78764)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
            },
            {
              "name": "RHSA-2012:1467",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
            },
            {
              "name": "RHSA-2012:1465",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
            },
            {
              "name": "51328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51328"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
            },
            {
              "name": "51634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51634"
            },
            {
              "name": "IV29654",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "51393",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51393"
            },
            {
              "name": "51326",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51326"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-4820",
    "datePublished": "2013-01-11T00:00:00",
    "dateReserved": "2012-09-06T00:00:00",
    "dateUpdated": "2024-08-06T20:50:17.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0480

Vulnerability from cvelistv5

Published

2004-06-30 04:00

Modified

2024-08-08 00:17

Severity ?

Summary

Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?rs=475/context=SSKTWP&uid=swg21169510	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/10600	vdb-entry, x_refsource_BID
	http://marc.info/?l=bugtraq&m=108843896506099&w=2	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/16496	vdb-entry, x_refsource_XF
	http://www.idefense.com/application/poi/display?id=111&type=vulnerabilities	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:17:15.270Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=475/context=SSKTWP\u0026uid=swg21169510"
          },
          {
            "name": "10600",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10600"
          },
          {
            "name": "20040627 Lotus Notes URL argument injection vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=108843896506099\u0026w=2"
          },
          {
            "name": "lotus-notes-xss(16496)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16496"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/application/poi/display?id=111\u0026type=vulnerabilities"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=475/context=SSKTWP\u0026uid=swg21169510"
        },
        {
          "name": "10600",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10600"
        },
        {
          "name": "20040627 Lotus Notes URL argument injection vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=108843896506099\u0026w=2"
        },
        {
          "name": "lotus-notes-xss(16496)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16496"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.idefense.com/application/poi/display?id=111\u0026type=vulnerabilities"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0480",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=475/context=SSKTWP\u0026uid=swg21169510",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=475/context=SSKTWP\u0026uid=swg21169510"
            },
            {
              "name": "10600",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10600"
            },
            {
              "name": "20040627 Lotus Notes URL argument injection vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=108843896506099\u0026w=2"
            },
            {
              "name": "lotus-notes-xss(16496)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16496"
            },
            {
              "name": "http://www.idefense.com/application/poi/display?id=111\u0026type=vulnerabilities",
              "refsource": "MISC",
              "url": "http://www.idefense.com/application/poi/display?id=111\u0026type=vulnerabilities"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0480",
    "datePublished": "2004-06-30T04:00:00",
    "dateReserved": "2004-05-18T00:00:00",
    "dateUpdated": "2024-08-08T00:17:15.270Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-0119

Vulnerability from cvelistv5

Published

2006-01-09 11:00

Modified

2024-08-07 16:25

Severity ?

Summary

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to "potential security issues" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4) GPKS5YQGPT in Security, or (5) HSAO6BNL6Y in the Web Server. NOTE: vector 3 is related to an issue in NROUTER in IBM Lotus Notes and Domino Server before 6.5.4 FP1, 6.5.5, and 7.0, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted vCal meeting request sent via SMTP (aka SPR# KSPR699NBP).

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg27007054	x_refsource_CONFIRM
	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150fc9c5dec8b18525709200001da6?OpenDocument&Highlight=0%2CGPKS6C9J67	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/16158	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/27413	vdb-entry, x_refsource_XF
	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab57a5b9547848525701b00420c2c?OpenDocument&Highlight=0%2CKSPR699NBP	x_refsource_CONFIRM
	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe7cfd9a8113b8525709200001db4?OpenDocument&Highlight=0%2CGPKS6C9J67	x_refsource_CONFIRM
	http://secunia.com/advisories/18328	third-party-advisory, x_refsource_SECUNIA
	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77eb898843aca8525709200001de1?OpenDocument&Highlight=0%2CJGAN6B6TZ3	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2006/2564	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24207	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/20855	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24211	vdb-entry, x_refsource_XF
	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb1cbb011c747852570e4001ba9bb?OpenDocument&Highlight=0%2CGPKS5YQGPT	x_refsource_CONFIRM
	http://securitytracker.com/id?1016390	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/18020	vdb-entry, x_refsource_BID
	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a1650d1a771f3078525702a00420def?OpenDocument&Highlight=0%2CHSAO6BNL6Y	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/438461/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2006/0081	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:25:32.863Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150fc9c5dec8b18525709200001da6?OpenDocument\u0026Highlight=0%2CGPKS6C9J67"
          },
          {
            "name": "16158",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16158"
          },
          {
            "name": "domino-smtp-nrouter-dos(27413)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27413"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab57a5b9547848525701b00420c2c?OpenDocument\u0026Highlight=0%2CKSPR699NBP"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe7cfd9a8113b8525709200001db4?OpenDocument\u0026Highlight=0%2CGPKS6C9J67"
          },
          {
            "name": "18328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18328"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77eb898843aca8525709200001de1?OpenDocument\u0026Highlight=0%2CJGAN6B6TZ3"
          },
          {
            "name": "ADV-2006-2564",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2564"
          },
          {
            "name": "lotus-multiple-unspecified(24207)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24207"
          },
          {
            "name": "20855",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20855"
          },
          {
            "name": "lotus-web-unspecified-xss(24211)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24211"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb1cbb011c747852570e4001ba9bb?OpenDocument\u0026Highlight=0%2CGPKS5YQGPT"
          },
          {
            "name": "1016390",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016390"
          },
          {
            "name": "18020",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18020"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a1650d1a771f3078525702a00420def?OpenDocument\u0026Highlight=0%2CHSAO6BNL6Y"
          },
          {
            "name": "20060626 SYMSA-2006-006: Lotus Domino SMTP Based Denial of Service",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/438461/100/0/threaded"
          },
          {
            "name": "ADV-2006-0081",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0081"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to \"potential security issues\" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4) GPKS5YQGPT in Security, or (5) HSAO6BNL6Y in the Web Server. NOTE: vector 3 is related to an issue in NROUTER in IBM Lotus Notes and Domino Server before 6.5.4 FP1, 6.5.5, and 7.0, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted vCal meeting request sent via SMTP (aka SPR# KSPR699NBP)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150fc9c5dec8b18525709200001da6?OpenDocument\u0026Highlight=0%2CGPKS6C9J67"
        },
        {
          "name": "16158",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16158"
        },
        {
          "name": "domino-smtp-nrouter-dos(27413)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27413"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab57a5b9547848525701b00420c2c?OpenDocument\u0026Highlight=0%2CKSPR699NBP"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe7cfd9a8113b8525709200001db4?OpenDocument\u0026Highlight=0%2CGPKS6C9J67"
        },
        {
          "name": "18328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18328"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77eb898843aca8525709200001de1?OpenDocument\u0026Highlight=0%2CJGAN6B6TZ3"
        },
        {
          "name": "ADV-2006-2564",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2564"
        },
        {
          "name": "lotus-multiple-unspecified(24207)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24207"
        },
        {
          "name": "20855",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20855"
        },
        {
          "name": "lotus-web-unspecified-xss(24211)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24211"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb1cbb011c747852570e4001ba9bb?OpenDocument\u0026Highlight=0%2CGPKS5YQGPT"
        },
        {
          "name": "1016390",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016390"
        },
        {
          "name": "18020",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18020"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a1650d1a771f3078525702a00420def?OpenDocument\u0026Highlight=0%2CHSAO6BNL6Y"
        },
        {
          "name": "20060626 SYMSA-2006-006: Lotus Domino SMTP Based Denial of Service",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/438461/100/0/threaded"
        },
        {
          "name": "ADV-2006-0081",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0081"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0119",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to \"potential security issues\" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4) GPKS5YQGPT in Security, or (5) HSAO6BNL6Y in the Web Server. NOTE: vector 3 is related to an issue in NROUTER in IBM Lotus Notes and Domino Server before 6.5.4 FP1, 6.5.5, and 7.0, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted vCal meeting request sent via SMTP (aka SPR# KSPR699NBP)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150fc9c5dec8b18525709200001da6?OpenDocument\u0026Highlight=0,GPKS6C9J67",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150fc9c5dec8b18525709200001da6?OpenDocument\u0026Highlight=0,GPKS6C9J67"
            },
            {
              "name": "16158",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16158"
            },
            {
              "name": "domino-smtp-nrouter-dos(27413)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27413"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab57a5b9547848525701b00420c2c?OpenDocument\u0026Highlight=0,KSPR699NBP",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab57a5b9547848525701b00420c2c?OpenDocument\u0026Highlight=0,KSPR699NBP"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe7cfd9a8113b8525709200001db4?OpenDocument\u0026Highlight=0,GPKS6C9J67",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe7cfd9a8113b8525709200001db4?OpenDocument\u0026Highlight=0,GPKS6C9J67"
            },
            {
              "name": "18328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18328"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77eb898843aca8525709200001de1?OpenDocument\u0026Highlight=0,JGAN6B6TZ3",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77eb898843aca8525709200001de1?OpenDocument\u0026Highlight=0,JGAN6B6TZ3"
            },
            {
              "name": "ADV-2006-2564",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2564"
            },
            {
              "name": "lotus-multiple-unspecified(24207)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24207"
            },
            {
              "name": "20855",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20855"
            },
            {
              "name": "lotus-web-unspecified-xss(24211)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24211"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb1cbb011c747852570e4001ba9bb?OpenDocument\u0026Highlight=0,GPKS5YQGPT",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb1cbb011c747852570e4001ba9bb?OpenDocument\u0026Highlight=0,GPKS5YQGPT"
            },
            {
              "name": "1016390",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016390"
            },
            {
              "name": "18020",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18020"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a1650d1a771f3078525702a00420def?OpenDocument\u0026Highlight=0,HSAO6BNL6Y",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a1650d1a771f3078525702a00420def?OpenDocument\u0026Highlight=0,HSAO6BNL6Y"
            },
            {
              "name": "20060626 SYMSA-2006-006: Lotus Domino SMTP Based Denial of Service",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/438461/100/0/threaded"
            },
            {
              "name": "ADV-2006-0081",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0081"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0119",
    "datePublished": "2006-01-09T11:00:00",
    "dateReserved": "2006-01-09T00:00:00",
    "dateUpdated": "2024-08-07T16:25:32.863Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-0118

Vulnerability from cvelistv5

Published

2006-01-09 11:00

Modified

2024-08-07 16:25

Severity ?

Summary

Unspecified vulnerability in IBM Lotus Notes and Domino Server before 6.5.5, when running on AIX, allows attackers to cause a denial of service (deep recursion leading to stack overflow and crash) via long formulas.

References

▼	URL	Tags
	http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24206	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg27007054	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/16158	vdb-entry, x_refsource_BID
	http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument	x_refsource_CONFIRM
	http://secunia.com/advisories/18328	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/0081	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:25:33.567Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument"
          },
          {
            "name": "lotus-long-formula-bo(24206)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24206"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
          },
          {
            "name": "16158",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16158"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument"
          },
          {
            "name": "18328",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18328"
          },
          {
            "name": "ADV-2006-0081",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0081"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in IBM Lotus Notes and Domino Server before 6.5.5, when running on AIX, allows attackers to cause a denial of service (deep recursion leading to stack overflow and crash) via long formulas."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument"
        },
        {
          "name": "lotus-long-formula-bo(24206)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24206"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
        },
        {
          "name": "16158",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16158"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument"
        },
        {
          "name": "18328",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18328"
        },
        {
          "name": "ADV-2006-0081",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0081"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0118",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in IBM Lotus Notes and Domino Server before 6.5.5, when running on AIX, allows attackers to cause a denial of service (deep recursion leading to stack overflow and crash) via long formulas."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument"
            },
            {
              "name": "lotus-long-formula-bo(24206)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24206"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg27007054"
            },
            {
              "name": "16158",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16158"
            },
            {
              "name": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument",
              "refsource": "CONFIRM",
              "url": "http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument"
            },
            {
              "name": "18328",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18328"
            },
            {
              "name": "ADV-2006-0081",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0081"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0118",
    "datePublished": "2006-01-09T11:00:00",
    "dateReserved": "2006-01-09T00:00:00",
    "dateUpdated": "2024-08-07T16:25:33.567Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-2454

Vulnerability from cvelistv5

Published

2006-10-18 22:00

Modified

2024-08-07 22:29

Severity ?

Summary

IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the "Notes" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder.

References

▼	URL	Tags
	http://www.vupen.com/english/advisories/2006/4093	vdb-entry, x_refsource_VUPEN
	http://secunia.com/secunia_research/2005-29/advisory/	x_refsource_MISC
	http://www.osvdb.org/29761	vdb-entry, x_refsource_OSVDB
	http://www.kb.cert.org/vuls/id/383092	third-party-advisory, x_refsource_CERT-VN
	http://secunia.com/advisories/19537	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/449126/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/27342	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/20612	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21246773	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/29660	vdb-entry, x_refsource_XF
	http://securitytracker.com/id?1017086	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:29:59.714Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2006-4093",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4093"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2005-29/advisory/"
          },
          {
            "name": "29761",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/29761"
          },
          {
            "name": "VU#383092",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/383092"
          },
          {
            "name": "19537",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19537"
          },
          {
            "name": "20061018 Secunia Research: IBM Lotus Notes Insecure Default FolderPermissions",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/449126/100/0/threaded"
          },
          {
            "name": "27342",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27342"
          },
          {
            "name": "20612",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20612"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21246773"
          },
          {
            "name": "lotusnotes-directory-insecure-permission(29660)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29660"
          },
          {
            "name": "1017086",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017086"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-10-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the \"Notes\" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2006-4093",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4093"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2005-29/advisory/"
        },
        {
          "name": "29761",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/29761"
        },
        {
          "name": "VU#383092",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/383092"
        },
        {
          "name": "19537",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19537"
        },
        {
          "name": "20061018 Secunia Research: IBM Lotus Notes Insecure Default FolderPermissions",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/449126/100/0/threaded"
        },
        {
          "name": "27342",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27342"
        },
        {
          "name": "20612",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20612"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21246773"
        },
        {
          "name": "lotusnotes-directory-insecure-permission(29660)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29660"
        },
        {
          "name": "1017086",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017086"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-2454",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the \"Notes\" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2006-4093",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4093"
            },
            {
              "name": "http://secunia.com/secunia_research/2005-29/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2005-29/advisory/"
            },
            {
              "name": "29761",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/29761"
            },
            {
              "name": "VU#383092",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/383092"
            },
            {
              "name": "19537",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19537"
            },
            {
              "name": "20061018 Secunia Research: IBM Lotus Notes Insecure Default FolderPermissions",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/449126/100/0/threaded"
            },
            {
              "name": "27342",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27342"
            },
            {
              "name": "20612",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20612"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21246773",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21246773"
            },
            {
              "name": "lotusnotes-directory-insecure-permission(29660)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29660"
            },
            {
              "name": "1017086",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017086"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-2454",
    "datePublished": "2006-10-18T22:00:00",
    "dateReserved": "2005-08-04T00:00:00",
    "dateUpdated": "2024-08-07T22:29:59.714Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-4564

Vulnerability from cvelistv5

Published

2009-03-18 15:00

Modified

2024-08-07 10:24

Severity ?

Summary

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.

References

▼	URL	Tags
	http://www.symantec.com/avcenter/security/Content/2009.03.17a.html	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/0744	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/34303	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1021859	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/34307	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/49284	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?rs=463&uid=swg21377573	x_refsource_CONFIRM
	http://secunia.com/advisories/34318	third-party-advisory, x_refsource_SECUNIA
	http://securitytracker.com/id?1021856	vdb-entry, x_refsource_SECTRACK
	http://securitytracker.com/id?1021857	vdb-entry, x_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/276563	third-party-advisory, x_refsource_CERT-VN
	http://www.vupen.com/english/advisories/2009/0756	vdb-entry, x_refsource_VUPEN
	https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html	x_refsource_CONFIRM
	http://secunia.com/advisories/34355	third-party-advisory, x_refsource_SECUNIA
	http://osvdb.org/52713	vdb-entry, x_refsource_OSVDB
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774	third-party-advisory, x_refsource_IDEFENSE
	http://www.securityfocus.com/bid/34086	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2009/0757	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:24:18.984Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
          },
          {
            "name": "ADV-2009-0744",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0744"
          },
          {
            "name": "34303",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34303"
          },
          {
            "name": "1021859",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021859"
          },
          {
            "name": "34307",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34307"
          },
          {
            "name": "autonomy-keyview-wp6sr-bo(49284)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
          },
          {
            "name": "34318",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34318"
          },
          {
            "name": "1021856",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021856"
          },
          {
            "name": "1021857",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021857"
          },
          {
            "name": "VU#276563",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/276563"
          },
          {
            "name": "ADV-2009-0756",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0756"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
          },
          {
            "name": "34355",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34355"
          },
          {
            "name": "52713",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/52713"
          },
          {
            "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
          },
          {
            "name": "34086",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34086"
          },
          {
            "name": "ADV-2009-0757",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0757"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-03-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
        },
        {
          "name": "ADV-2009-0744",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0744"
        },
        {
          "name": "34303",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34303"
        },
        {
          "name": "1021859",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021859"
        },
        {
          "name": "34307",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34307"
        },
        {
          "name": "autonomy-keyview-wp6sr-bo(49284)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
        },
        {
          "name": "34318",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34318"
        },
        {
          "name": "1021856",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021856"
        },
        {
          "name": "1021857",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021857"
        },
        {
          "name": "VU#276563",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/276563"
        },
        {
          "name": "ADV-2009-0756",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0756"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
        },
        {
          "name": "34355",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34355"
        },
        {
          "name": "52713",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/52713"
        },
        {
          "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
        },
        {
          "name": "34086",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34086"
        },
        {
          "name": "ADV-2009-0757",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0757"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-4564",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/avcenter/security/Content/2009.03.17a.html"
            },
            {
              "name": "ADV-2009-0744",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0744"
            },
            {
              "name": "34303",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34303"
            },
            {
              "name": "1021859",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021859"
            },
            {
              "name": "34307",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34307"
            },
            {
              "name": "autonomy-keyview-wp6sr-bo(49284)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49284"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?rs=463\u0026uid=swg21377573"
            },
            {
              "name": "34318",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34318"
            },
            {
              "name": "1021856",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021856"
            },
            {
              "name": "1021857",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021857"
            },
            {
              "name": "VU#276563",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/276563"
            },
            {
              "name": "ADV-2009-0756",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0756"
            },
            {
              "name": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html",
              "refsource": "CONFIRM",
              "url": "https://customers.autonomy.com/support/secure/docs/Updates/Keyview/Filter%20SDK/10.4/kv_update_nti40_10.4.zip.readme.html"
            },
            {
              "name": "34355",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34355"
            },
            {
              "name": "52713",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/52713"
            },
            {
              "name": "20090317 Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774"
            },
            {
              "name": "34086",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34086"
            },
            {
              "name": "ADV-2009-0757",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0757"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-4564",
    "datePublished": "2009-03-18T15:00:00",
    "dateReserved": "2008-10-14T00:00:00",
    "dateUpdated": "2024-08-07T10:24:18.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-0862

Vulnerability from cvelistv5

Published

2008-02-21 01:00

Modified

2024-08-07 08:01

Severity ?

Summary

IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection.

References

▼	URL	Tags
	http://www.vupen.com/english/advisories/2008/0600/references	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/29031	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg21257250	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:01:39.796Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2008-0600",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0600/references"
          },
          {
            "name": "29031",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29031"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257250"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-02-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2008-0600",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0600/references"
        },
        {
          "name": "29031",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29031"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257250"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-0862",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2008-0600",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0600/references"
            },
            {
              "name": "29031",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29031"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257250",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257250"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-0862",
    "datePublished": "2008-02-21T01:00:00",
    "dateReserved": "2008-02-20T00:00:00",
    "dateUpdated": "2024-08-07T08:01:39.796Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-1512

Vulnerability from cvelistv5

Published

2011-05-31 20:00

Modified

2024-08-06 22:28

Severity ?

Summary

Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg21500034	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/47962	vdb-entry, x_refsource_BID
	http://www.securityfocus.com/archive/1/518120/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/44624	third-party-advisory, x_refsource_SECUNIA
	http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow	x_refsource_MISC
	http://securityreason.com/securityalert/8263	third-party-advisory, x_refsource_SREASON
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14203	vdb-entry, signature, x_refsource_OVAL
	https://exchange.xforce.ibmcloud.com/vulnerabilities/67619	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:28:41.814Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
          },
          {
            "name": "47962",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47962"
          },
          {
            "name": "20110524 CORE-2010-0908: Lotus Notes XLS viewer malformed BIFF record heap overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/518120/100/0/threaded"
          },
          {
            "name": "44624",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44624"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow"
          },
          {
            "name": "8263",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8263"
          },
          {
            "name": "oval:org.mitre.oval:def:14203",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14203"
          },
          {
            "name": "lotus-notes-xlssr-bo(67619)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67619"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
        },
        {
          "name": "47962",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47962"
        },
        {
          "name": "20110524 CORE-2010-0908: Lotus Notes XLS viewer malformed BIFF record heap overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/518120/100/0/threaded"
        },
        {
          "name": "44624",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44624"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow"
        },
        {
          "name": "8263",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8263"
        },
        {
          "name": "oval:org.mitre.oval:def:14203",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14203"
        },
        {
          "name": "lotus-notes-xlssr-bo(67619)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67619"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1512",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21500034",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
            },
            {
              "name": "47962",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47962"
            },
            {
              "name": "20110524 CORE-2010-0908: Lotus Notes XLS viewer malformed BIFF record heap overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/518120/100/0/threaded"
            },
            {
              "name": "44624",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44624"
            },
            {
              "name": "http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow",
              "refsource": "MISC",
              "url": "http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow"
            },
            {
              "name": "8263",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8263"
            },
            {
              "name": "oval:org.mitre.oval:def:14203",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14203"
            },
            {
              "name": "lotus-notes-xlssr-bo(67619)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67619"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1512",
    "datePublished": "2011-05-31T20:00:00",
    "dateReserved": "2011-03-23T00:00:00",
    "dateUpdated": "2024-08-06T22:28:41.814Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-4821

Vulnerability from cvelistv5

Published

2013-01-11 00:00

Modified

2024-08-06 20:50

Severity ?

Summary

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21616616	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616594	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/78765	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21616617	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21621154	x_refsource_CONFIRM
	http://seclists.org/bugtraq/2012/Sep/38	mailing-list, x_refsource_BUGTRAQ
	http://www-01.ibm.com/support/docview.wss?uid=swg21616652	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/55495	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg21615800	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21616490	x_refsource_CONFIRM
	https://www-304.ibm.com/support/docview.wss?uid=swg21616546	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2012-1467.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21616708	x_refsource_CONFIRM
	http://secunia.com/advisories/51634	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21615705	x_refsource_CONFIRM
	http://secunia.com/advisories/51326	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:50:16.927Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
          },
          {
            "name": "ibm-java-gdm-sa-ce(78765)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
          },
          {
            "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://seclists.org/bugtraq/2012/Sep/38"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
          },
          {
            "name": "IV29659",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
          },
          {
            "name": "55495",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55495"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
          },
          {
            "name": "RHSA-2012:1467",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
          },
          {
            "name": "51634",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51634"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
          },
          {
            "name": "51326",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51326"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via \"insecure use\" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
        },
        {
          "name": "ibm-java-gdm-sa-ce(78765)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
        },
        {
          "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://seclists.org/bugtraq/2012/Sep/38"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
        },
        {
          "name": "IV29659",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
        },
        {
          "name": "55495",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55495"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
        },
        {
          "name": "RHSA-2012:1467",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
        },
        {
          "name": "51634",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51634"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
        },
        {
          "name": "51326",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51326"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2012-4821",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via \"insecure use\" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
            },
            {
              "name": "ibm-java-gdm-sa-ce(78765)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
            },
            {
              "name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
              "refsource": "BUGTRAQ",
              "url": "http://seclists.org/bugtraq/2012/Sep/38"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
            },
            {
              "name": "IV29659",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
            },
            {
              "name": "55495",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/55495"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
            },
            {
              "name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
              "refsource": "CONFIRM",
              "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
            },
            {
              "name": "RHSA-2012:1467",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
            },
            {
              "name": "51634",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51634"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
            },
            {
              "name": "51326",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51326"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2012-4821",
    "datePublished": "2013-01-11T00:00:00",
    "dateReserved": "2012-09-06T00:00:00",
    "dateUpdated": "2024-08-06T20:50:16.927Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-2619

Vulnerability from cvelistv5

Published

2006-02-15 00:00

Modified

2024-08-07 22:30

Severity ?

Summary

Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21229918	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2006/0500	vdb-entry, x_refsource_VUPEN
	http://www.osvdb.org/23066	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/archive/1/424717/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://securitytracker.com/id?1015657	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/16576	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24637	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/16100	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/secunia_research/2005-30/advisory/	x_refsource_MISC
	http://secunia.com/secunia_research/2005-66/advisory/	x_refsource_MISC
	http://secunia.com/advisories/16280	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:30:01.806Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918"
          },
          {
            "name": "ADV-2006-0500",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0500"
          },
          {
            "name": "23066",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/23066"
          },
          {
            "name": "20060210 Secunia Research: Lotus Notes Multiple Archive Handling DirectoryTraversal",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/424717/100/0/threaded"
          },
          {
            "name": "1015657",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015657"
          },
          {
            "name": "16576",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16576"
          },
          {
            "name": "lotus-kvarcve-directory-traversal(24637)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24637"
          },
          {
            "name": "16100",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16100"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2005-30/advisory/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2005-66/advisory/"
          },
          {
            "name": "16280",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/16280"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-02-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918"
        },
        {
          "name": "ADV-2006-0500",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0500"
        },
        {
          "name": "23066",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/23066"
        },
        {
          "name": "20060210 Secunia Research: Lotus Notes Multiple Archive Handling DirectoryTraversal",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/424717/100/0/threaded"
        },
        {
          "name": "1015657",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015657"
        },
        {
          "name": "16576",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16576"
        },
        {
          "name": "lotus-kvarcve-directory-traversal(24637)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24637"
        },
        {
          "name": "16100",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16100"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2005-30/advisory/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2005-66/advisory/"
        },
        {
          "name": "16280",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/16280"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-2619",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not properly handled when generating a preview."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21229918"
            },
            {
              "name": "ADV-2006-0500",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0500"
            },
            {
              "name": "23066",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/23066"
            },
            {
              "name": "20060210 Secunia Research: Lotus Notes Multiple Archive Handling DirectoryTraversal",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/424717/100/0/threaded"
            },
            {
              "name": "1015657",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015657"
            },
            {
              "name": "16576",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16576"
            },
            {
              "name": "lotus-kvarcve-directory-traversal(24637)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24637"
            },
            {
              "name": "16100",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/16100"
            },
            {
              "name": "http://secunia.com/secunia_research/2005-30/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2005-30/advisory/"
            },
            {
              "name": "http://secunia.com/secunia_research/2005-66/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2005-66/advisory/"
            },
            {
              "name": "16280",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/16280"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-2619",
    "datePublished": "2006-02-15T00:00:00",
    "dateReserved": "2005-08-17T00:00:00",
    "dateUpdated": "2024-08-07T22:30:01.806Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-3032

Vulnerability from cvelistv5

Published

2010-03-05 19:00

Modified

2024-08-07 06:14

Severity ?

Summary

Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.

References

▼	URL	Tags
	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00	x_refsource_CONFIRM
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858	third-party-advisory, x_refsource_IDEFENSE
	http://www-01.ibm.com/support/docview.wss?uid=swg21440812	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/38468	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:14:56.444Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
          },
          {
            "name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
          },
          {
            "name": "38468",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38468"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-03-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-08-20T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
        },
        {
          "name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
        },
        {
          "name": "38468",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38468"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3032",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
            },
            {
              "name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
            },
            {
              "name": "38468",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38468"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3032",
    "datePublished": "2010-03-05T19:00:00",
    "dateReserved": "2009-08-31T00:00:00",
    "dateUpdated": "2024-08-07T06:14:56.444Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0538

Vulnerability from cvelistv5

Published

2013-05-01 10:00

Modified

2024-08-06 14:33

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in an HTML e-mail message, aka SPRs JMOY95BLM6 and JMOY95BN49.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/83270	vdb-entry, x_refsource_XF
	http://www.kb.cert.org/vuls/id/912420	third-party-advisory, x_refsource_CERT-VN
	http://www-01.ibm.com/support/docview.wss?uid=swg21633819	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:33:05.095Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-notes-javascript-tags(83270)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83270"
          },
          {
            "name": "VU#912420",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/912420"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in an HTML e-mail message, aka SPRs JMOY95BLM6 and JMOY95BN49."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "ibm-notes-javascript-tags(83270)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83270"
        },
        {
          "name": "VU#912420",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/912420"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-0538",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in an HTML e-mail message, aka SPRs JMOY95BLM6 and JMOY95BN49."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-notes-javascript-tags(83270)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83270"
            },
            {
              "name": "VU#912420",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/912420"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-0538",
    "datePublished": "2013-05-01T10:00:00",
    "dateReserved": "2012-12-16T00:00:00",
    "dateUpdated": "2024-08-06T14:33:05.095Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-2280

Vulnerability from cvelistv5

Published

2005-07-19 04:00

Modified

2024-08-08 01:22

Severity ?

Summary

Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&q1=Java&uid=swg21173910&loc=en_US&cs=utf-8&lang=en	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/10704	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/12046	third-party-advisory, x_refsource_SECUNIA
	http://www.osvdb.org/8418	vdb-entry, x_refsource_OSVDB

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:22:13.555Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en"
          },
          {
            "name": "10704",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10704"
          },
          {
            "name": "12046",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12046"
          },
          {
            "name": "8418",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/8418"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-07-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-01-10T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en"
        },
        {
          "name": "10704",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10704"
        },
        {
          "name": "12046",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12046"
        },
        {
          "name": "8418",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/8418"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2280",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026context=SSKTWP\u0026q1=Java\u0026uid=swg21173910\u0026loc=en_US\u0026cs=utf-8\u0026lang=en"
            },
            {
              "name": "10704",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10704"
            },
            {
              "name": "12046",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12046"
            },
            {
              "name": "8418",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/8418"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-2280",
    "datePublished": "2005-07-19T04:00:00",
    "dateReserved": "2005-07-19T00:00:00",
    "dateUpdated": "2024-08-08T01:22:13.555Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2000-0891

Vulnerability from cvelistv5

Published

2002-03-09 05:00

Modified

2024-08-08 05:37

Severity ?

Summary

A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email.

References

▼	URL	Tags
	http://www.kb.cert.org/vuls/id/5962	third-party-advisory, x_refsource_CERT-VN
	http://www.notes.net/R5FixList.nsf/Search%21SearchView&Query=CBAT45TU9S	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/5045	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T05:37:31.501Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#5962",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/5962"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.notes.net/R5FixList.nsf/Search%21SearchView\u0026Query=CBAT45TU9S"
          },
          {
            "name": "lotus-notes-bypass-ecl(5045)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5045"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "1997-08-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2002-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#5962",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/5962"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.notes.net/R5FixList.nsf/Search%21SearchView\u0026Query=CBAT45TU9S"
        },
        {
          "name": "lotus-notes-bypass-ecl(5045)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5045"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2000-0891",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#5962",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/5962"
            },
            {
              "name": "http://www.notes.net/R5FixList.nsf/Search!SearchView\u0026Query=CBAT45TU9S",
              "refsource": "CONFIRM",
              "url": "http://www.notes.net/R5FixList.nsf/Search!SearchView\u0026Query=CBAT45TU9S"
            },
            {
              "name": "lotus-notes-bypass-ecl(5045)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5045"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2000-0891",
    "datePublished": "2002-03-09T05:00:00",
    "dateReserved": "2000-11-14T00:00:00",
    "dateUpdated": "2024-08-08T05:37:31.501Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-1215

Vulnerability from cvelistv5

Published

2011-05-31 20:00

Modified

2024-08-06 22:21

Severity ?

Summary

Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg21500034	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/47962	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/44624	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/67622	vdb-entry, x_refsource_XF
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650	vdb-entry, signature, x_refsource_OVAL
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906	third-party-advisory, x_refsource_IDEFENSE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:21:34.045Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
          },
          {
            "name": "47962",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47962"
          },
          {
            "name": "44624",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44624"
          },
          {
            "name": "lotus-notes-mw8sr-bo(67622)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67622"
          },
          {
            "name": "oval:org.mitre.oval:def:14650",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650"
          },
          {
            "name": "20110524 IBM Lotus Notes Office Document Attachment Viewer Stack Buffer Overflow",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
        },
        {
          "name": "47962",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47962"
        },
        {
          "name": "44624",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44624"
        },
        {
          "name": "lotus-notes-mw8sr-bo(67622)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67622"
        },
        {
          "name": "oval:org.mitre.oval:def:14650",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650"
        },
        {
          "name": "20110524 IBM Lotus Notes Office Document Attachment Viewer Stack Buffer Overflow",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1215",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21500034",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
            },
            {
              "name": "47962",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47962"
            },
            {
              "name": "44624",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44624"
            },
            {
              "name": "lotus-notes-mw8sr-bo(67622)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67622"
            },
            {
              "name": "oval:org.mitre.oval:def:14650",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650"
            },
            {
              "name": "20110524 IBM Lotus Notes Office Document Attachment Viewer Stack Buffer Overflow",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1215",
    "datePublished": "2011-05-31T20:00:00",
    "dateReserved": "2011-03-03T00:00:00",
    "dateUpdated": "2024-08-06T22:21:34.045Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-0912

Vulnerability from cvelistv5

Published

2011-02-08 21:00

Modified

2024-08-06 22:05

Severity ?

Summary

Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP5 allows remote attackers to execute arbitrary code via a cai:// URL containing a --launcher.library option that specifies a UNC share pathname for a DLL file, aka SPR PRAD82YJW2.

References

▼	URL	Tags
	http://zerodayinitiative.com/advisories/ZDI-11-051/	x_refsource_MISC
	http://secunia.com/advisories/43222	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14348	vdb-entry, signature, x_refsource_OVAL
	http://www.vupen.com/english/advisories/2011/0295	vdb-entry, x_refsource_VUPEN
	http://www-01.ibm.com/support/docview.wss?uid=swg21461514	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:05:54.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://zerodayinitiative.com/advisories/ZDI-11-051/"
          },
          {
            "name": "43222",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43222"
          },
          {
            "name": "oval:org.mitre.oval:def:14348",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14348"
          },
          {
            "name": "ADV-2011-0295",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0295"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21461514"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP5 allows remote attackers to execute arbitrary code via a cai:// URL containing a --launcher.library option that specifies a UNC share pathname for a DLL file, aka SPR PRAD82YJW2."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://zerodayinitiative.com/advisories/ZDI-11-051/"
        },
        {
          "name": "43222",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43222"
        },
        {
          "name": "oval:org.mitre.oval:def:14348",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14348"
        },
        {
          "name": "ADV-2011-0295",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0295"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21461514"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-0912",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP5 allows remote attackers to execute arbitrary code via a cai:// URL containing a --launcher.library option that specifies a UNC share pathname for a DLL file, aka SPR PRAD82YJW2."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://zerodayinitiative.com/advisories/ZDI-11-051/",
              "refsource": "MISC",
              "url": "http://zerodayinitiative.com/advisories/ZDI-11-051/"
            },
            {
              "name": "43222",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43222"
            },
            {
              "name": "oval:org.mitre.oval:def:14348",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14348"
            },
            {
              "name": "ADV-2011-0295",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0295"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21461514",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21461514"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-0912",
    "datePublished": "2011-02-08T21:00:00",
    "dateReserved": "2011-02-08T00:00:00",
    "dateUpdated": "2024-08-06T22:05:54.532Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-0892

Vulnerability from cvelistv5

Published

2014-04-23 19:00

Modified

2024-08-06 09:27

Severity ?

Summary

IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W.

References

▼	URL	Tags
	http://www.kb.cert.org/vuls/id/350089	third-party-advisory, x_refsource_CERT-VN
	http://www-01.ibm.com/support/docview.wss?uid=swg21670264	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/91286	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:27:20.209Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#350089",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/350089"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670264"
          },
          {
            "name": "ibm-notes-cve20140892-linux32-rce(91286)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91286"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "VU#350089",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/350089"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670264"
        },
        {
          "name": "ibm-notes-cve20140892-linux32-rce(91286)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91286"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-0892",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#350089",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/350089"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21670264",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21670264"
            },
            {
              "name": "ibm-notes-cve20140892-linux32-rce(91286)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91286"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-0892",
    "datePublished": "2014-04-23T19:00:00",
    "dateReserved": "2014-01-06T00:00:00",
    "dateUpdated": "2024-08-06T09:27:20.209Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-1948

Vulnerability from cvelistv5

Published

2006-04-20 22:00

Modified

2024-08-07 17:35

Severity ?

Summary

The "Add Sender to Address Book" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21232945	x_refsource_CONFIRM
	http://securitytracker.com/id?1015914	vdb-entry, x_refsource_SECTRACK

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:35:30.395Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21232945"
          },
          {
            "name": "1015914",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015914"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The \"Add Sender to Address Book\" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-08-25T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21232945"
        },
        {
          "name": "1015914",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015914"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-1948",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The \"Add Sender to Address Book\" operation (AddSenderToAddressBook.lss) and NameHelper.lss in IBM Lotus Notes 6.0 and 6.5 before 20060331 do not properly store information in the Personal Address Book when multiple messages are checked and a message uses AltFrom, which might allow user-assisted remote attackers to trick a user into sending e-mail to an unauthorized recipient."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21232945",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=475\u0026uid=swg21232945"
            },
            {
              "name": "1015914",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015914"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-1948",
    "datePublished": "2006-04-20T22:00:00",
    "dateReserved": "2006-04-20T00:00:00",
    "dateUpdated": "2024-08-07T17:35:30.395Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4222

Vulnerability from cvelistv5

Published

2007-10-29 22:00

Modified

2024-08-07 14:46

Severity ?

Summary

Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?rs=477&uid=swg21272930	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/26200	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/id?1018857	vdb-entry, x_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilities/37363	vdb-entry, x_refsource_XF
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=604	third-party-advisory, x_refsource_IDEFENSE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:46:39.385Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21272930"
          },
          {
            "name": "26200",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26200"
          },
          {
            "name": "1018857",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018857"
          },
          {
            "name": "notes-html-bo(37363)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37363"
          },
          {
            "name": "20071023 IBM Lotus Notes Client TagAttributeListCopy Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=604"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21272930"
        },
        {
          "name": "26200",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26200"
        },
        {
          "name": "1018857",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018857"
        },
        {
          "name": "notes-html-bo(37363)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37363"
        },
        {
          "name": "20071023 IBM Lotus Notes Client TagAttributeListCopy Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=604"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4222",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21272930",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=477\u0026uid=swg21272930"
            },
            {
              "name": "26200",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26200"
            },
            {
              "name": "1018857",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018857"
            },
            {
              "name": "notes-html-bo(37363)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37363"
            },
            {
              "name": "20071023 IBM Lotus Notes Client TagAttributeListCopy Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=604"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4222",
    "datePublished": "2007-10-29T22:00:00",
    "dateReserved": "2007-08-08T00:00:00",
    "dateUpdated": "2024-08-07T14:46:39.385Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-0127

Vulnerability from cvelistv5

Published

2013-05-01 10:00

Modified

2024-08-06 14:18

Severity ?

Summary

IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java code execution and X-Confirm-Reading-To functionality via a crafted message, aka SPRs JMOY95BLM6 and JMOY95BN49.

References

▼	URL	Tags
	http://seclists.org/fulldisclosure/2013/Apr/262	mailing-list, x_refsource_FULLDISC
	http://www.kb.cert.org/vuls/id/912420	third-party-advisory, x_refsource_CERT-VN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/83775	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg21633819	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:18:09.428Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20130501 n.runs-SA-2013.005 - IBM Lotus Notes - arbitrary code execution",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2013/Apr/262"
          },
          {
            "name": "VU#912420",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/912420"
          },
          {
            "name": "ibm-notes-applet-tags(83775)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83775"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java code execution and X-Confirm-Reading-To functionality via a crafted message, aka SPRs JMOY95BLM6 and JMOY95BN49."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "20130501 n.runs-SA-2013.005 - IBM Lotus Notes - arbitrary code execution",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2013/Apr/262"
        },
        {
          "name": "VU#912420",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/912420"
        },
        {
          "name": "ibm-notes-applet-tags(83775)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83775"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2013-0127",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java code execution and X-Confirm-Reading-To functionality via a crafted message, aka SPRs JMOY95BLM6 and JMOY95BN49."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20130501 n.runs-SA-2013.005 - IBM Lotus Notes - arbitrary code execution",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2013/Apr/262"
            },
            {
              "name": "VU#912420",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/912420"
            },
            {
              "name": "ibm-notes-applet-tags(83775)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83775"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633819"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2013-0127",
    "datePublished": "2013-05-01T10:00:00",
    "dateReserved": "2012-12-06T00:00:00",
    "dateUpdated": "2024-08-06T14:18:09.428Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6020

Vulnerability from cvelistv5

Published

2008-04-10 18:00

Modified

2024-08-07 15:54

Severity ?

Summary

Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file.

References

▼	URL	Tags
	http://secunia.com/advisories/28140	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/secunia_research/2007-106/advisory/	x_refsource_MISC
	http://secunia.com/advisories/29342	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/27763	third-party-advisory, x_refsource_SECUNIA
	http://www.symantec.com/avcenter/security/Content/2008.04.08e.html	x_refsource_CONFIRM
	http://secunia.com/advisories/28209	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/1156	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/archive/1/490827/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/28454	vdb-entry, x_refsource_BID
	http://secunia.com/secunia_research/2007-105/advisory/	x_refsource_MISC
	http://www.securityfocus.com/archive/1/490829/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/28210	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/490830/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/490831/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/41716	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2008/1154	vdb-entry, x_refsource_VUPEN
	http://www.securitytracker.com/id?1019841	vdb-entry, x_refsource_SECTRACK
	http://securitytracker.com/id?1019805	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2008/1153	vdb-entry, x_refsource_VUPEN
	http://secunia.com/secunia_research/2007-104/advisory/	x_refsource_MISC
	http://secunia.com/secunia_research/2007-107/advisory/	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:54:26.510Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28140",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28140"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-106/advisory/"
          },
          {
            "name": "29342",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29342"
          },
          {
            "name": "27763",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27763"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
          },
          {
            "name": "28209",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28209"
          },
          {
            "name": "ADV-2008-1156",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1156"
          },
          {
            "name": "20080414 Secunia Research: activePDF DocConverter Folio Flat File ParsingBuffer Overflows",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490827/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
          },
          {
            "name": "28454",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28454"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-105/advisory/"
          },
          {
            "name": "20080414 Secunia Research: Autonomy Keyview Folio Flat File Parsing BufferOverflows",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490829/100/0/threaded"
          },
          {
            "name": "28210",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28210"
          },
          {
            "name": "20080414 Secunia Research: Symantec Mail Security Folio Flat File ParsingBuffer Overflows",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490830/100/0/threaded"
          },
          {
            "name": "20080414 Secunia Research: Lotus Notes Folio Flat File Parsing BufferOverflows",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490831/100/0/threaded"
          },
          {
            "name": "autonomy-keyview-foliosr-bo(41716)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716"
          },
          {
            "name": "ADV-2008-1154",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1154"
          },
          {
            "name": "1019841",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019841"
          },
          {
            "name": "1019805",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019805"
          },
          {
            "name": "ADV-2008-1153",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1153"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-104/advisory/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-107/advisory/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "28140",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28140"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-106/advisory/"
        },
        {
          "name": "29342",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29342"
        },
        {
          "name": "27763",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27763"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
        },
        {
          "name": "28209",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28209"
        },
        {
          "name": "ADV-2008-1156",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1156"
        },
        {
          "name": "20080414 Secunia Research: activePDF DocConverter Folio Flat File ParsingBuffer Overflows",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490827/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
        },
        {
          "name": "28454",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28454"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-105/advisory/"
        },
        {
          "name": "20080414 Secunia Research: Autonomy Keyview Folio Flat File Parsing BufferOverflows",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490829/100/0/threaded"
        },
        {
          "name": "28210",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28210"
        },
        {
          "name": "20080414 Secunia Research: Symantec Mail Security Folio Flat File ParsingBuffer Overflows",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490830/100/0/threaded"
        },
        {
          "name": "20080414 Secunia Research: Lotus Notes Folio Flat File Parsing BufferOverflows",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490831/100/0/threaded"
        },
        {
          "name": "autonomy-keyview-foliosr-bo(41716)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716"
        },
        {
          "name": "ADV-2008-1154",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1154"
        },
        {
          "name": "1019841",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019841"
        },
        {
          "name": "1019805",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019805"
        },
        {
          "name": "ADV-2008-1153",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1153"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-104/advisory/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-107/advisory/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2007-6020",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "28140",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28140"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-106/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-106/advisory/"
            },
            {
              "name": "29342",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29342"
            },
            {
              "name": "27763",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27763"
            },
            {
              "name": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/avcenter/security/Content/2008.04.08e.html"
            },
            {
              "name": "28209",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28209"
            },
            {
              "name": "ADV-2008-1156",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1156"
            },
            {
              "name": "20080414 Secunia Research: activePDF DocConverter Folio Flat File ParsingBuffer Overflows",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490827/100/0/threaded"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
            },
            {
              "name": "28454",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28454"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-105/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-105/advisory/"
            },
            {
              "name": "20080414 Secunia Research: Autonomy Keyview Folio Flat File Parsing BufferOverflows",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490829/100/0/threaded"
            },
            {
              "name": "28210",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28210"
            },
            {
              "name": "20080414 Secunia Research: Symantec Mail Security Folio Flat File ParsingBuffer Overflows",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490830/100/0/threaded"
            },
            {
              "name": "20080414 Secunia Research: Lotus Notes Folio Flat File Parsing BufferOverflows",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490831/100/0/threaded"
            },
            {
              "name": "autonomy-keyview-foliosr-bo(41716)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41716"
            },
            {
              "name": "ADV-2008-1154",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1154"
            },
            {
              "name": "1019841",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019841"
            },
            {
              "name": "1019805",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019805"
            },
            {
              "name": "ADV-2008-1153",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1153"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-104/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-104/advisory/"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-107/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-107/advisory/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2007-6020",
    "datePublished": "2008-04-10T18:00:00",
    "dateReserved": "2007-11-19T00:00:00",
    "dateUpdated": "2024-08-07T15:54:26.510Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-1101

Vulnerability from cvelistv5

Published

2008-04-10 18:00

Modified

2024-08-07 08:08

Severity ?

Summary

Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document.

References

▼	URL	Tags
	http://secunia.com/advisories/28140	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28209	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/41725	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2008/1156	vdb-entry, x_refsource_VUPEN
	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/28454	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/28210	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/secunia_research/2008-12/advisory/	x_refsource_MISC
	http://www.securityfocus.com/archive/1/490826/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2008/1153	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:08:57.415Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28140",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28140"
          },
          {
            "name": "28209",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28209"
          },
          {
            "name": "autonomy-keyview-kvdocve-bo(41725)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41725"
          },
          {
            "name": "ADV-2008-1156",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1156"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
          },
          {
            "name": "28454",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28454"
          },
          {
            "name": "28210",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28210"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2008-12/advisory/"
          },
          {
            "name": "20080414 Secunia Research: Lotus Notes kvdocve.dll Path Processing BufferOverflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490826/100/0/threaded"
          },
          {
            "name": "ADV-2008-1153",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1153"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "28140",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28140"
        },
        {
          "name": "28209",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28209"
        },
        {
          "name": "autonomy-keyview-kvdocve-bo(41725)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41725"
        },
        {
          "name": "ADV-2008-1156",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1156"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
        },
        {
          "name": "28454",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28454"
        },
        {
          "name": "28210",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28210"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2008-12/advisory/"
        },
        {
          "name": "20080414 Secunia Research: Lotus Notes kvdocve.dll Path Processing BufferOverflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490826/100/0/threaded"
        },
        {
          "name": "ADV-2008-1153",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1153"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2008-1101",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "28140",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28140"
            },
            {
              "name": "28209",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28209"
            },
            {
              "name": "autonomy-keyview-kvdocve-bo(41725)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41725"
            },
            {
              "name": "ADV-2008-1156",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1156"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
            },
            {
              "name": "28454",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28454"
            },
            {
              "name": "28210",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28210"
            },
            {
              "name": "http://secunia.com/secunia_research/2008-12/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2008-12/advisory/"
            },
            {
              "name": "20080414 Secunia Research: Lotus Notes kvdocve.dll Path Processing BufferOverflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490826/100/0/threaded"
            },
            {
              "name": "ADV-2008-1153",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1153"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2008-1101",
    "datePublished": "2008-04-10T18:00:00",
    "dateReserved": "2008-02-29T00:00:00",
    "dateUpdated": "2024-08-07T08:08:57.415Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-1487

Vulnerability from cvelistv5

Published

2010-04-20 15:00

Modified

2024-08-07 01:28

Severity ?

Summary

IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21427073	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/39525	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/39507	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14725	vdb-entry, signature, x_refsource_OVAL

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:28:41.264Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21427073"
          },
          {
            "name": "39525",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/39525"
          },
          {
            "name": "39507",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39507"
          },
          {
            "name": "oval:org.mitre.oval:def:14725",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14725"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-04-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21427073"
        },
        {
          "name": "39525",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/39525"
        },
        {
          "name": "39507",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39507"
        },
        {
          "name": "oval:org.mitre.oval:def:14725",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14725"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-1487",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21427073",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21427073"
            },
            {
              "name": "39525",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/39525"
            },
            {
              "name": "39507",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/39507"
            },
            {
              "name": "oval:org.mitre.oval:def:14725",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14725"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-1487",
    "datePublished": "2010-04-20T15:00:00",
    "dateReserved": "2010-04-20T00:00:00",
    "dateUpdated": "2024-08-07T01:28:41.264Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2000-1138

Vulnerability from cvelistv5

Published

2000-12-19 05:00

Modified

2024-08-08 05:45

Severity ?

Summary

Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/1925	vdb-entry, x_refsource_BID
	http://marc.info/?l=bugtraq&m=97370725220953&w=2	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T05:45:36.411Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1925",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/1925"
          },
          {
            "name": "20001108 Lotus Notes R5 clients - no warning for broken signature or encryption",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=97370725220953\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2000-11-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1925",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/1925"
        },
        {
          "name": "20001108 Lotus Notes R5 clients - no warning for broken signature or encryption",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=97370725220953\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2000-1138",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1925",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/1925"
            },
            {
              "name": "20001108 Lotus Notes R5 clients - no warning for broken signature or encryption",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=97370725220953\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2000-1138",
    "datePublished": "2000-12-19T05:00:00",
    "dateReserved": "2000-12-14T00:00:00",
    "dateUpdated": "2024-08-08T05:45:36.411Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-1213

Vulnerability from cvelistv5

Published

2011-05-31 20:00

Modified

2024-08-06 22:21

Severity ?

Summary

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg21500034	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/47962	vdb-entry, x_refsource_BID
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904	third-party-advisory, x_refsource_IDEFENSE
	http://secunia.com/advisories/44624	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/67620	vdb-entry, x_refsource_XF
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14634	vdb-entry, signature, x_refsource_OVAL
	http://securityreason.com/securityalert/8285	third-party-advisory, x_refsource_SREASON

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:21:34.177Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
          },
          {
            "name": "47962",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47962"
          },
          {
            "name": "20110524 IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904"
          },
          {
            "name": "44624",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44624"
          },
          {
            "name": "lotus-notes-lzhsr-bo(67620)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67620"
          },
          {
            "name": "oval:org.mitre.oval:def:14634",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14634"
          },
          {
            "name": "8285",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8285"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
        },
        {
          "name": "47962",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47962"
        },
        {
          "name": "20110524 IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904"
        },
        {
          "name": "44624",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44624"
        },
        {
          "name": "lotus-notes-lzhsr-bo(67620)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67620"
        },
        {
          "name": "oval:org.mitre.oval:def:14634",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14634"
        },
        {
          "name": "8285",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8285"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1213",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21500034",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
            },
            {
              "name": "47962",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47962"
            },
            {
              "name": "20110524 IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904"
            },
            {
              "name": "44624",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44624"
            },
            {
              "name": "lotus-notes-lzhsr-bo(67620)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67620"
            },
            {
              "name": "oval:org.mitre.oval:def:14634",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14634"
            },
            {
              "name": "8285",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8285"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1213",
    "datePublished": "2011-05-31T20:00:00",
    "dateReserved": "2011-03-03T00:00:00",
    "dateUpdated": "2024-08-06T22:21:34.177Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-1214

Vulnerability from cvelistv5

Published

2011-05-31 20:00

Modified

2024-08-06 22:21

Severity ?

Summary

Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ.

References

▼	URL	Tags
	http://www.ibm.com/support/docview.wss?uid=swg21500034	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/47962	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/44624	third-party-advisory, x_refsource_SECUNIA
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=905	third-party-advisory, x_refsource_IDEFENSE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/67621	vdb-entry, x_refsource_XF
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14309	vdb-entry, signature, x_refsource_OVAL

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:21:33.412Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
          },
          {
            "name": "47962",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47962"
          },
          {
            "name": "44624",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44624"
          },
          {
            "name": "20110524 IBM Lotus Notes RTF Attachment Viewer Stack Buffer Overflow",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=905"
          },
          {
            "name": "lotus-notes-rtfsr-bo(67621)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67621"
          },
          {
            "name": "oval:org.mitre.oval:def:14309",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14309"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
        },
        {
          "name": "47962",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47962"
        },
        {
          "name": "44624",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44624"
        },
        {
          "name": "20110524 IBM Lotus Notes RTF Attachment Viewer Stack Buffer Overflow",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=905"
        },
        {
          "name": "lotus-notes-rtfsr-bo(67621)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67621"
        },
        {
          "name": "oval:org.mitre.oval:def:14309",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14309"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1214",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21500034",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
            },
            {
              "name": "47962",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47962"
            },
            {
              "name": "44624",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44624"
            },
            {
              "name": "20110524 IBM Lotus Notes RTF Attachment Viewer Stack Buffer Overflow",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=905"
            },
            {
              "name": "lotus-notes-rtfsr-bo(67621)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67621"
            },
            {
              "name": "oval:org.mitre.oval:def:14309",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14309"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1214",
    "datePublished": "2011-05-31T20:00:00",
    "dateReserved": "2011-03-03T00:00:00",
    "dateUpdated": "2024-08-06T22:21:33.412Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5399

Vulnerability from cvelistv5

Published

2008-04-10 18:00

Modified

2024-08-07 15:31

Severity ?

Summary

Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, related to creation of an associated filename.

References

▼	URL	Tags
	http://secunia.com/advisories/28209	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/490832/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2008/1156	vdb-entry, x_refsource_VUPEN
	http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21298453	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/28454	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/28210	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/secunia_research/2007-91/advisory/	x_refsource_MISC
	http://www.securitytracker.com/id?1019842	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/490833/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2008/1153	vdb-entry, x_refsource_VUPEN
	http://secunia.com/secunia_research/2007-92/advisory/	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilities/41723	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:58.832Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "28209",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28209"
          },
          {
            "name": "20080414 Secunia Research: Autonomy Keyview EML Reader Buffer Overflows",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490832/100/0/threaded"
          },
          {
            "name": "ADV-2008-1156",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1156"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
          },
          {
            "name": "28454",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/28454"
          },
          {
            "name": "28210",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28210"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-91/advisory/"
          },
          {
            "name": "1019842",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019842"
          },
          {
            "name": "20080414 Secunia Research: Lotus Notes EML Reader Buffer Overflows",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490833/100/0/threaded"
          },
          {
            "name": "ADV-2008-1153",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1153"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2007-92/advisory/"
          },
          {
            "name": "autonomy-keyview-eml-multiple-bo(41723)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41723"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, related to creation of an associated filename."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "name": "28209",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28209"
        },
        {
          "name": "20080414 Secunia Research: Autonomy Keyview EML Reader Buffer Overflows",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490832/100/0/threaded"
        },
        {
          "name": "ADV-2008-1156",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1156"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
        },
        {
          "name": "28454",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/28454"
        },
        {
          "name": "28210",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28210"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-91/advisory/"
        },
        {
          "name": "1019842",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019842"
        },
        {
          "name": "20080414 Secunia Research: Lotus Notes EML Reader Buffer Overflows",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490833/100/0/threaded"
        },
        {
          "name": "ADV-2008-1153",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1153"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2007-92/advisory/"
        },
        {
          "name": "autonomy-keyview-eml-multiple-bo(41723)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41723"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2007-5399",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, related to creation of an associated filename."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "28209",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28209"
            },
            {
              "name": "20080414 Secunia Research: Autonomy Keyview EML Reader Buffer Overflows",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490832/100/0/threaded"
            },
            {
              "name": "ADV-2008-1156",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1156"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?rs=463\u0026uid=swg21298453"
            },
            {
              "name": "28454",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/28454"
            },
            {
              "name": "28210",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28210"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-91/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-91/advisory/"
            },
            {
              "name": "1019842",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019842"
            },
            {
              "name": "20080414 Secunia Research: Lotus Notes EML Reader Buffer Overflows",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490833/100/0/threaded"
            },
            {
              "name": "ADV-2008-1153",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1153"
            },
            {
              "name": "http://secunia.com/secunia_research/2007-92/advisory/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2007-92/advisory/"
            },
            {
              "name": "autonomy-keyview-eml-multiple-bo(41723)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41723"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2007-5399",
    "datePublished": "2008-04-10T18:00:00",
    "dateReserved": "2007-10-12T00:00:00",
    "dateUpdated": "2024-08-07T15:31:58.832Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

All the vulnerabilites related to ibm - lotus_notes

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

cve-2007-4309

Vulnerability from cvelistv5

cve-2012-2174