All the vulnerabilites related to ibm - lotus_quickr
Vulnerability from fkie_nvd
Published
2011-03-22 17:55
Modified
2024-11-21 01:26
Severity ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 | |
| ibm | lotus_domino | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9179CA-5855-4F19-BAA6-D0A6DF468B9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Lotus Quickr versi\u00f3n 8.1 anterior a 8.1.0.27 services para Lotus Domino tiene un impacto y vectores de ataque desconocidos. Tambi\u00e9n conocido como SPR ESEO8DQME2."
}
],
"id": "CVE-2011-1505",
"lastModified": "2024-11-21T01:26:27.830",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-03-22T17:55:04.080",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43689"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025228"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "cve@mitre.org",
"url": "http://www.ibm.com/support/docview.wss?uid=swg1LO58209"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/46903"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/0707"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/support/docview.wss?uid=swg1LO58209"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66142"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-08-29 16:41
Modified
2024-11-21 00:50
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG editors, (2) during local group creation, (3) during HTML redirects, (4) in the HTML import, (5) in the Rich text editor, and (6) in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inject arbitrary web script or HTML via unknown vectors, including (7) the Imported Page. NOTE: the vulnerability in the WYSIWYG editors may exist because of an incomplete fix for CVE-2008-2163.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | aix | * | |
| ibm | i5os | * | |
| microsoft | windows_nt | * | |
| ibm | lotus_quickr | 8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:i5os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EAAC0C-BDB1-4217-9551-684859F2D4E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG editors, (2) during local group creation, (3) during HTML redirects, (4) in the HTML import, (5) in the Rich text editor, and (6) in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inject arbitrary web script or HTML via unknown vectors, including (7) the Imported Page. NOTE: the vulnerability in the WYSIWYG editors may exist because of an incomplete fix for CVE-2008-2163."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en (1)editores WYSIWYG (2)durante la creaci\u00f3n de un grupo local, (3) durante redireccionamientos HTML, (4) en el HTML-import, (5) en el editor Rich-text, y (6) en la p\u00e1gina de enlace del servicio IBM Lotus Quickr 8.1 para Lotus Domino anterior al parche (Hotfix) 15, permite a atacantes remotos inyectar web script o HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados, incluyendo (7) la Imported-Page. NOTA: La vulnerabilidad en el editor WYSIWYG puede ser debida a una correcci\u00f3n incompleta de para el CVE-2008-2163.\r\n"
}
],
"id": "CVE-2008-3860",
"lastModified": "2024-11-21T00:50:17.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-08-29T16:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/49772"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/49776"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31634"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020762"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2444"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/49772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/49776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44694"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-02-20 21:44
Modified
2024-11-21 00:43
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.0 | |
| ibm | lotus_quickr | 8.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980401D7-AAF3-4AE4-9006-83D99170F5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0547A9F7-5E82-413E-8102-DADFB63B4E1B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Lotus Quickr para i5/OS antes de 8.0.0.2 Hotfix 11, cuando est\u00e1 deshabilitado el acceso an\u00f3nimo en los puertos HTTP permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de vectores sin especificar."
}
],
"id": "CVE-2008-0834",
"lastModified": "2024-11-21T00:43:01.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-02-20T21:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29004"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016411"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/27840"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019431"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016411"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/27840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0590"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-09 18:00
Modified
2024-11-21 00:51
Severity ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Lotus Quickr 8.1 anterior a Fix pack 1 (8.1.0.1) permite a los editores borrar paginas que fueron creadas por un autor diferente mediante vectores desconocidos."
}
],
"id": "CVE-2008-4507",
"lastModified": "2024-11-21T00:51:50.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-09T18:00:02.003",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32098"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31608"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45693"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-22 17:55
Modified
2024-11-21 00:58
Severity ?
Summary
Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 | |
| ibm | lotus_domino | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9179CA-5855-4F19-BAA6-D0A6DF468B9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la cadena de docnote, manejando la implementaci\u00f3n en IBM Lotus Quickr v8.1 anterior a v8.1.0.2, servicios para Lotus Domino, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de vectores desconocidos, tambi\u00e9n conocido como JFLD7GZT25 SPR."
}
],
"id": "CVE-2008-7285",
"lastModified": "2024-11-21T00:58:44.667",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-03-22T17:55:01.110",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-22 17:55
Modified
2024-11-21 01:11
Severity ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by deleting an item that is accessed through a connector, aka SPR RELS7LARKR.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 | |
| ibm | lotus_domino | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9179CA-5855-4F19-BAA6-D0A6DF468B9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by deleting an item that is accessed through a connector, aka SPR RELS7LARKR."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Lotus Quickr v8.1 anterior a v8.1.0.5, servicios para Lotus Domino permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (ca\u00edda del demonio) mediante la supresi\u00f3n de un elemento al que se accede a trav\u00e9s de un conector, tambi\u00e9n conocido como SPR RELS7LARKR."
}
],
"id": "CVE-2009-5058",
"lastModified": "2024-11-21T01:11:05.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-22T17:55:01.143",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-09 18:00
Modified
2024-11-21 00:51
Severity ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) might allow attackers to cause a denial of service (system crash) via a "nonstandard URL argument" to the OpenDocument command. NOTE: due to lack of details from the vendor, it is not clear whether this is a vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) might allow attackers to cause a denial of service (system crash) via a \"nonstandard URL argument\" to the OpenDocument command. NOTE: due to lack of details from the vendor, it is not clear whether this is a vulnerability."
},
{
"lang": "es",
"value": "Vulnerabilidad inespecifica en IBM Lotus Quickr v8.1 anterior al parche 1 (v8.1.0.1) que permite a atacantes producir una denegaci\u00f3n de servicio (caida del sistema) a trav\u00e9s de un argumento URL no estandar al comando OpenDocument.NOTA: Debido a la falta de detalles del vendedor, no queda claro que esto sea una vulnerabilidad"
}
],
"id": "CVE-2008-4505",
"lastModified": "2024-11-21T00:51:50.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-09T18:00:01.940",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32098"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31608"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45692"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-22 17:55
Modified
2024-11-21 00:58
Severity ?
Summary
IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 | |
| ibm | lotus_domino | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9179CA-5855-4F19-BAA6-D0A6DF468B9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX."
},
{
"lang": "es",
"value": "IBM Lotus Quickr 8.1 anteriores a 8.1.0.2 services para Lotus Domino no maneja correctamente las URL de las peticiones de im\u00e1genes, lo que permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de una petici\u00f3n a resources.nsf. Tambi\u00e9n conocido como SPR XFXF7JDBCX."
}
],
"id": "CVE-2008-7286",
"lastModified": "2024-11-21T00:58:44.830",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-22T17:55:01.127",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-09-29 18:00
Modified
2024-11-21 01:07
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt file in a Lotus Quickr place, related to the Library template.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.0:*:ibm_webpshere_portal:*:*:*:*:*",
"matchCriteriaId": "824834E1-101E-44B3-9260-18776F0E8EB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt file in a Lotus Quickr place, related to the Library template."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en IBM Lotus Quickr v8.1.0 servicios para WebSphere Portal permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s del nombre de fichero de un fichero .odt en Lotus Quickr place, relacionado con la plantilla Library."
}
],
"id": "CVE-2009-3453",
"lastModified": "2024-11-21T01:07:23.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-09-29T18:00:00.313",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/58384"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36899"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LO36646"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21405163"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/36527"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022952"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2779"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/58384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36899"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LO36646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21405163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53489"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-22 17:55
Modified
2024-11-21 01:11
Severity ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by accessing an entry in a calendar, aka SPR MZHA7SEBJX.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 | |
| ibm | lotus_domino | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9179CA-5855-4F19-BAA6-D0A6DF468B9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by accessing an entry in a calendar, aka SPR MZHA7SEBJX."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Lotus Quickr v8.1 anterior a v8.1.0.11, servicios para Lotus Domino podr\u00eda permitir a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (ca\u00edda del demonio) mediante el acceso a una entrada en un calendario, tambi\u00e9n conocido como SPR MZHA7SEBJX."
}
],
"id": "CVE-2009-5060",
"lastModified": "2024-11-21T01:11:05.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-22T17:55:01.173",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-05-13 17:20
Modified
2024-11-21 00:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX, and before Hotfix 3 for i5/OS, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to "WYSIWYG editors."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | aix | * | |
| ibm | i5os | * | |
| microsoft | windows_nt | * | |
| ibm | lotus_quickr | 8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:i5os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EAAC0C-BDB1-4217-9551-684859F2D4E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_nt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ED27882B-A02A-4D5F-9117-A47976C676E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX, and before Hotfix 3 for i5/OS, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to \"WYSIWYG editors.\""
},
{
"lang": "es",
"value": "Vulnerabilidad de Secuencias de comandos en sitios cruzados en IBM Lotus Quickr 8.1 versiones anteriores al Hotfix 5 para Windows y AIX, y anteriores al Hotfix 3 para i5/OS, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores desconocidos, relacionada con \"editores WYSIWYG.\""
}
],
"id": "CVE-2008-2163",
"lastModified": "2024-11-21T00:46:13.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-05-13T17:20:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30204"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24018711"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29175"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1502/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24018711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1502/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42360"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-22 17:55
Modified
2024-11-21 01:11
Severity ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by checking out a document that is accessed through a connector, aka SPR MMOI7PSR8J.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 | |
| ibm | lotus_domino | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9179CA-5855-4F19-BAA6-D0A6DF468B9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by checking out a document that is accessed through a connector, aka SPR MMOI7PSR8J."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Lotus Quickr 8.1 anteriores a 8.1.0.10 services para Lotus Domino podr\u00eda permitir a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (ca\u00edda de demonio) al revisar un documento que se accede a trav\u00e9s de un conector. Tambi\u00e9n conocido como SPR MMOI7PSR8J."
}
],
"id": "CVE-2009-5059",
"lastModified": "2024-11-21T01:11:05.653",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-22T17:55:01.157",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-26 19:30
Modified
2024-11-21 01:12
Severity ?
Summary
Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B4DF048-224A-43DB-A796-44EAF9CD8838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA05BB8A-C367-4A09-87A4-C9D9C46AE52B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23785ACE-3F00-430E-B9ED-940A70A3201C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F885AD0-1134-483C-9A69-98AC0D60E79B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF22D6E-7B21-4657-89ED-A7EF20BFF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "13570CD6-7D5F-4665-A982-9E83FA25C68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C753E1B-D81B-4995-877E-58EDD6F49DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D54D4DB-FA55-47AE-9E19-FB8368FD40C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3FEB7016-D077-402A-99C7-E6F6290F1D0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C064D03F-D49C-4A2F-A23D-3ADC18EC277A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FDA430B-8996-43D4-BDBD-07A5C9EDB339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "092F8012-A1EE-46CE-B2B2-0604BF4ACBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC6A48A-E669-4AA0-AD83-85778A7B6C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8F8C5AD9-2086-4131-A03C-02A89D822080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "82FC2F98-1E99-4B50-88D5-7A2904F4585C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9B7F74AC-2B5E-4B6C-9551-576A4F312BBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC51FA38-1C63-47F5-A4CF-1128396B62C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCCA8DE-50EF-4154-AF48-A8E1AA2659B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AF550E47-49FB-4EBC-83E7-4CFCB7279FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E618064A-3D05-4DC6-9A47-0EDF2427642F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE74154-3E79-4D56-96C4-D8E644F1419D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA915826-5D89-43E9-83E7-88973648302A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB29F4-59AB-439C-91C4-CDF677676C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F1964FC-672F-4139-938F-A8EF9D86D9C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9516473F-0533-4326-B880-6B6FD591473D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "773AC6CD-7DDE-4676-8647-26C3B83354DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A502A57D-97DE-424E-B005-B086C1149959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8505A74-332E-4980-ABA2-BEE7E3D7B654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F49CBF7A-9C04-4960-B7B8-6F5C51785C56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F535D576-9AC7-4047-8AC3-9F1B5A961DB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0D9DBB-AA57-4816-8EC6-F7479B5481E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87844DD4-AF06-4A91-973A-F885AD8CA569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC572C9B-BEBE-4619-9B34-73FD8C20F4B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "66BC65C9-BF3E-41C0-ABD7-5587999FDA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2F018F-3356-45B1-AF0B-8E17023A04E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC532381-C1D3-4FE3-9E32-614B91482255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8153B9AE-9969-4D49-8B07-9817E0C37194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "709CE95C-FCC3-4A8B-9A47-8114BDFEAD7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F55351DA-AEAC-40FC-B0B0-9CC1D456F651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E67047-A652-4828-BCE9-AB6C369B459F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9B9A2F08-F9E6-4DC4-AFFD-77B6787FA81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A727B34-8433-4571-AE1B-4F43320F57A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC18431F-8C85-4C3A-85B9-ADA860F6C0D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "108210EB-FFEF-4D69-A78D-85DA08913766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D993AD7F-81FC-4C82-9303-699B44ECC92E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE7410-8A88-468A-B773-89D8A93859E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EF9A7C87-0DCE-4309-B344-AC106B6ECBD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6141F9D-42F4-47D2-B340-356F174AA4AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8D8302-74CD-436A-92BD-C08F1254A2C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "673674BD-D171-47AF-8169-FBF6346993E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "959CF397-FAC9-488D-96E5-9839EDA77494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0A5D8C-6C5C-4666-BDC0-8451D1C9FCB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CF4257D6-58F8-4209-BF67-9124D1BA0B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46AF30E4-3301-401B-94E5-D7FA9E62B82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E986062-BBA8-4AA0-AD41-E101FEFD49EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "250DFAAA-67A9-4E64-B1AE-0966EAC05468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA75DD49-E267-4306-84D8-4C3A548841A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "53E20727-E021-442A-B7CB-AB1DFEA21374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5434B4A9-1433-469B-8352-D0FDDD033E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA803C8-EDAC-467E-B8CE-A60612AE86F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "812047C9-6477-455E-8739-4407336102F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10A39AB5-4BDB-4027-9F50-91BBFDAE8E0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "20E03B68-715F-428D-84FD-F800D02DDB3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE191CE-C2F4-45F7-8CF3-565832E01AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49CC6237-2E8C-415A-9C09-C8FD3F4C1E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22D7C604-2F9B-4AA0-BEE0-379D2C65321F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1888C-A7F9-4019-8798-524EE7EB8A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33D2422E-141A-414E-B283-E7BF570FFA80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18C5D9B6-F013-46B7-AE06-609A0B11A8C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30E0AA87-E48E-46C3-B8DD-3C3A90322AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA17FC6-DAE6-4FAC-B3CD-1269689314CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CBEF3F-EB64-42D1-B23A-D3A20F900971",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980401D7-AAF3-4AE4-9006-83D99170F5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CA670F-E987-44ED-8A2A-62CCA5D037F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C43CE-8917-4109-A185-93699004638F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "344E13DD-DAFC-4394-8371-B032D117D6AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string."
},
{
"lang": "es",
"value": "Vulnerabilidad de redireccionamiento directo en login.jsp en IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), y IBM Lotus Workplace Web Content Management v5.1.0.0 hasta v5.1.0.5, v6.0.0.0 hasta v6.0.0.4, v6.0.1.0 hasta v6.0.1.7, v6.1.0.0 hasta v6.1.0.3, y v6.1.5.0; y IBM Lotus Quickr services v8.0, v8.0.0.2, v8.1, v8.1.1, y v8.1.1.1 para WebSphere Portal; permite a atacantes remotos redireccionar a los usuarios a sitios de su elecci\u00f3n y conducir ataques phising a trav\u00e9s de la cadena de la pregunta."
}
],
"id": "CVE-2010-0715",
"lastModified": "2024-11-21T01:12:48.653",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-02-26T19:30:00.773",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56602"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-25 20:55
Modified
2024-11-21 01:38
Severity ?
Summary
Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argument to the (1) Attachment_Times or (2) Import_Times method.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7085B570-2CD4-4977-B94D-A716EE0ADCF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argument to the (1) Attachment_Times or (2) Import_Times method."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en cierto ActiveX en qp2.cab en IBM Lotus Quickr v8.2 anterior a v8.2.0.27-002a para Domino permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un argumento largo para el m\u00e9todo (1) Attachment_Times o (2) Import_Times."
}
],
"id": "CVE-2012-2176",
"lastModified": "2024-11-21T01:38:39.223",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-05-25T20:55:01.743",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21596191"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/53678"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id?1027097"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75322"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21596191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53678"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75322"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-09 18:00
Modified
2024-11-21 00:51
Severity ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows a place manager to "demote or delete a place superuser group" via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows a place manager to \"demote or delete a place superuser group\" via unknown vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en Lotus Quickr de IBM versiones 8.1 anteriores al Fixpack 1 (8.1.0.1), permite a un administrador de lugares \"demote or delete a place superuser group\" por medio de vectores desconocidos."
}
],
"id": "CVE-2008-4506",
"lastModified": "2024-11-21T00:51:50.730",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-09T18:00:01.973",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32098"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31608"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45694"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-22 17:55
Modified
2024-11-21 01:11
Severity ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service (daemon crash) by going offline, aka SPR MLZG7UPB9N.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 | |
| ibm | lotus_domino | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9179CA-5855-4F19-BAA6-D0A6DF468B9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service (daemon crash) by going offline, aka SPR MLZG7UPB9N."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Lotus Quickr 8.1 anteriores a 8.1.0.14 services para Lotus Domino, cuando la autenticaci\u00f3n nativa de Domino est\u00e1 activada, podr\u00eda permitir a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) poniendo el servidor fuera de l\u00ednea. Tambi\u00e9n conocido como SPR MLZG7UPB9N."
}
],
"id": "CVE-2009-5061",
"lastModified": "2024-11-21T01:11:05.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-22T17:55:01.190",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-26 19:30
Modified
2024-11-21 01:12
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B4DF048-224A-43DB-A796-44EAF9CD8838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA05BB8A-C367-4A09-87A4-C9D9C46AE52B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23785ACE-3F00-430E-B9ED-940A70A3201C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F885AD0-1134-483C-9A69-98AC0D60E79B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2AF22D6E-7B21-4657-89ED-A7EF20BFF81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "13570CD6-7D5F-4665-A982-9E83FA25C68C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C753E1B-D81B-4995-877E-58EDD6F49DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5D54D4DB-FA55-47AE-9E19-FB8368FD40C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3FEB7016-D077-402A-99C7-E6F6290F1D0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C064D03F-D49C-4A2F-A23D-3ADC18EC277A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FDA430B-8996-43D4-BDBD-07A5C9EDB339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "092F8012-A1EE-46CE-B2B2-0604BF4ACBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC6A48A-E669-4AA0-AD83-85778A7B6C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8F8C5AD9-2086-4131-A03C-02A89D822080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "82FC2F98-1E99-4B50-88D5-7A2904F4585C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9B7F74AC-2B5E-4B6C-9551-576A4F312BBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC51FA38-1C63-47F5-A4CF-1128396B62C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EBCCA8DE-50EF-4154-AF48-A8E1AA2659B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AF550E47-49FB-4EBC-83E7-4CFCB7279FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E618064A-3D05-4DC6-9A47-0EDF2427642F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE74154-3E79-4D56-96C4-D8E644F1419D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA915826-5D89-43E9-83E7-88973648302A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DB29F4-59AB-439C-91C4-CDF677676C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3F1964FC-672F-4139-938F-A8EF9D86D9C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9516473F-0533-4326-B880-6B6FD591473D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "773AC6CD-7DDE-4676-8647-26C3B83354DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A502A57D-97DE-424E-B005-B086C1149959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F8505A74-332E-4980-ABA2-BEE7E3D7B654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F49CBF7A-9C04-4960-B7B8-6F5C51785C56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F535D576-9AC7-4047-8AC3-9F1B5A961DB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0D9DBB-AA57-4816-8EC6-F7479B5481E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87844DD4-AF06-4A91-973A-F885AD8CA569",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC572C9B-BEBE-4619-9B34-73FD8C20F4B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "66BC65C9-BF3E-41C0-ABD7-5587999FDA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD2F018F-3356-45B1-AF0B-8E17023A04E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC532381-C1D3-4FE3-9E32-614B91482255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8153B9AE-9969-4D49-8B07-9817E0C37194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "709CE95C-FCC3-4A8B-9A47-8114BDFEAD7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F55351DA-AEAC-40FC-B0B0-9CC1D456F651",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E67047-A652-4828-BCE9-AB6C369B459F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9B9A2F08-F9E6-4DC4-AFFD-77B6787FA81F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A727B34-8433-4571-AE1B-4F43320F57A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC18431F-8C85-4C3A-85B9-ADA860F6C0D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "108210EB-FFEF-4D69-A78D-85DA08913766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D993AD7F-81FC-4C82-9303-699B44ECC92E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07EE7410-8A88-468A-B773-89D8A93859E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EF9A7C87-0DCE-4309-B344-AC106B6ECBD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6141F9D-42F4-47D2-B340-356F174AA4AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8D8302-74CD-436A-92BD-C08F1254A2C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "673674BD-D171-47AF-8169-FBF6346993E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "959CF397-FAC9-488D-96E5-9839EDA77494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CA0A5D8C-6C5C-4666-BDC0-8451D1C9FCB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CF4257D6-58F8-4209-BF67-9124D1BA0B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "46AF30E4-3301-401B-94E5-D7FA9E62B82F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8E986062-BBA8-4AA0-AD41-E101FEFD49EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "250DFAAA-67A9-4E64-B1AE-0966EAC05468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA75DD49-E267-4306-84D8-4C3A548841A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "53E20727-E021-442A-B7CB-AB1DFEA21374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5434B4A9-1433-469B-8352-D0FDDD033E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA803C8-EDAC-467E-B8CE-A60612AE86F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "812047C9-6477-455E-8739-4407336102F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10A39AB5-4BDB-4027-9F50-91BBFDAE8E0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "20E03B68-715F-428D-84FD-F800D02DDB3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0CE191CE-C2F4-45F7-8CF3-565832E01AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49CC6237-2E8C-415A-9C09-C8FD3F4C1E57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22D7C604-2F9B-4AA0-BEE0-379D2C65321F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1888C-A7F9-4019-8798-524EE7EB8A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33D2422E-141A-414E-B283-E7BF570FFA80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18C5D9B6-F013-46B7-AE06-609A0B11A8C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30E0AA87-E48E-46C3-B8DD-3C3A90322AD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CA17FC6-DAE6-4FAC-B3CD-1269689314CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CBEF3F-EB64-42D1-B23A-D3A20F900971",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980401D7-AAF3-4AE4-9006-83D99170F5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3CA670F-E987-44ED-8A2A-62CCA5D037F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3C43CE-8917-4109-A185-93699004638F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "344E13DD-DAFC-4394-8371-B032D117D6AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), y IBM Lotus Workplace Web Content Management v5.1.0.0 hasta v5.1.0.5, v6.0.0.0 hasta v6.0.0.4, v6.0.1.0 hasta v6.0.1.7, v6.1.0.0 hasta v6.1.0.3, y v6.1.5.0; y IBM Lotus Quickr services v8.0, v8.0.0.2, v8.1, v8.1.1, y v8.1.1.1 para WebSphere Portal; permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del cadena \"query\"."
}
],
"id": "CVE-2010-0714",
"lastModified": "2024-11-21T01:12:48.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-02-26T19:30:00.743",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
},
{
"source": "cve@mitre.org",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/38412"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023660"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/38412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-22 17:55
Modified
2024-11-21 01:11
Severity ?
Summary
IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 | |
| ibm | lotus_domino | * | |
| ibm | aix | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9179CA-5855-4F19-BAA6-D0A6DF468B9B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9."
},
{
"lang": "es",
"value": "UsIBM Lotus Quickr 8.1 anteriores a la versi\u00f3n 8.1.0.15 services para Lotus Domino en AIX permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) mediante la suscripci\u00f3n de un feed Atom. Tambi\u00e9n conocido como SPR JRIE7VKMP9."
}
],
"id": "CVE-2009-5062",
"lastModified": "2024-11-21T01:11:06.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-22T17:55:01.207",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-03-22 17:55
Modified
2024-11-21 00:58
Severity ?
Summary
IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_quickr | 8.1 | |
| ibm | lotus_domino | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE9179CA-5855-4F19-BAA6-D0A6DF468B9B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8."
},
{
"lang": "es",
"value": "IBM Lotus Quickr v8.1 anteriores a v8.100.003, para Lotus Domino permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) haciendo clic en un enlace de descarga, tambi\u00e9n conocido como QCAO7E6AM8 SPR."
}
],
"id": "CVE-2008-7284",
"lastModified": "2024-11-21T00:58:44.513",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-22T17:55:01.097",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2010-0715
Vulnerability from cvelistv5
Published
2010-02-26 19:00
Modified
2024-08-07 00:59
Severity ?
EPSS score ?
Summary
Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.hacktics.com/content/advisories/AdvIBM20100224.html | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/56602 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/509744/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21421469 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:38.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
},
{
"name": "ibm-login-phishing(56602)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56602"
},
{
"name": "20100225 Hacktics Advisory Feb10: XSS in IBM WebSphere Portal \u0026 Lotus WCM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
},
{
"name": "ibm-login-phishing(56602)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56602"
},
{
"name": "20100225 Hacktics Advisory Feb10: XSS in IBM WebSphere Portal \u0026 Lotus WCM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0715",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html",
"refsource": "MISC",
"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
},
{
"name": "ibm-login-phishing(56602)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56602"
},
{
"name": "20100225 Hacktics Advisory Feb10: XSS in IBM WebSphere Portal \u0026 Lotus WCM",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469",
"refsource": "MISC",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0715",
"datePublished": "2010-02-26T19:00:00",
"dateReserved": "2010-02-26T00:00:00",
"dateUpdated": "2024-08-07T00:59:38.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-1505
Vulnerability from cvelistv5
Published
2011-03-22 17:00
Modified
2024-08-06 22:28
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/66142 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/43689 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.ibm.com/support/docview.wss?uid=swg1LO58209 | vendor-advisory, x_refsource_AIXAPAR | |
| http://www.securityfocus.com/bid/46903 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1025228 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2011/0707 | vdb-entry, x_refsource_VUPEN | |
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:28:41.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-lotusquickr-unspecified(66142)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66142"
},
{
"name": "43689",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43689"
},
{
"name": "LO58209",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg1LO58209"
},
{
"name": "46903",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46903"
},
{
"name": "1025228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025228"
},
{
"name": "ADV-2011-0707",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0707"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ibm-lotusquickr-unspecified(66142)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66142"
},
{
"name": "43689",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43689"
},
{
"name": "LO58209",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg1LO58209"
},
{
"name": "46903",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46903"
},
{
"name": "1025228",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025228"
},
{
"name": "ADV-2011-0707",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0707"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1505",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-lotusquickr-unspecified(66142)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66142"
},
{
"name": "43689",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43689"
},
{
"name": "LO58209",
"refsource": "AIXAPAR",
"url": "http://www.ibm.com/support/docview.wss?uid=swg1LO58209"
},
{
"name": "46903",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46903"
},
{
"name": "1025228",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025228"
},
{
"name": "ADV-2011-0707",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0707"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-1505",
"datePublished": "2011-03-22T17:00:00",
"dateReserved": "2011-03-22T00:00:00",
"dateUpdated": "2024-08-06T22:28:41.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2176
Vulnerability from cvelistv5
Published
2012-05-25 20:00
Modified
2024-08-06 19:26
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argument to the (1) Attachment_Times or (2) Import_Times method.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1027097 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/75322 | vdb-entry, x_refsource_XF | |
| http://www.ibm.com/support/docview.wss?uid=swg21596191 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/53678 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:26:08.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1027097",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027097"
},
{
"name": "lotusquickr-activex-bo(75322)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75322"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21596191"
},
{
"name": "53678",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argument to the (1) Attachment_Times or (2) Import_Times method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1027097",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027097"
},
{
"name": "lotusquickr-activex-bo(75322)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75322"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21596191"
},
{
"name": "53678",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53678"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-2176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argument to the (1) Attachment_Times or (2) Import_Times method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1027097",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027097"
},
{
"name": "lotusquickr-activex-bo(75322)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75322"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21596191",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21596191"
},
{
"name": "53678",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53678"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2012-2176",
"datePublished": "2012-05-25T20:00:00",
"dateReserved": "2012-04-04T00:00:00",
"dateUpdated": "2024-08-06T19:26:08.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-5059
Vulnerability from cvelistv5
Published
2011-03-22 17:00
Modified
2024-09-17 04:04
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by checking out a document that is accessed through a connector, aka SPR MMOI7PSR8J.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by checking out a document that is accessed through a connector, aka SPR MMOI7PSR8J."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-22T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5059",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by checking out a document that is accessed through a connector, aka SPR MMOI7PSR8J."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5059",
"datePublished": "2011-03-22T17:00:00Z",
"dateReserved": "2011-03-22T00:00:00Z",
"dateUpdated": "2024-09-17T04:04:10.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-7286
Vulnerability from cvelistv5
Published
2011-03-22 17:00
Modified
2024-09-17 00:15
Severity ?
EPSS score ?
Summary
IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:36.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-22T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7286",
"datePublished": "2011-03-22T17:00:00Z",
"dateReserved": "2011-03-22T00:00:00Z",
"dateUpdated": "2024-09-17T00:15:46.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-5060
Vulnerability from cvelistv5
Published
2011-03-22 17:00
Modified
2024-09-16 19:09
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by accessing an entry in a calendar, aka SPR MZHA7SEBJX.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by accessing an entry in a calendar, aka SPR MZHA7SEBJX."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-22T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5060",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 services for Lotus Domino might allow remote authenticated users to cause a denial of service (daemon crash) by accessing an entry in a calendar, aka SPR MZHA7SEBJX."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5060",
"datePublished": "2011-03-22T17:00:00Z",
"dateReserved": "2011-03-22T00:00:00Z",
"dateUpdated": "2024-09-16T19:09:21.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3860
Vulnerability from cvelistv5
Published
2008-08-29 16:22
Modified
2024-08-07 09:53
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG editors, (2) during local group creation, (3) during HTML redirects, (4) in the HTML import, (5) in the Rich text editor, and (6) in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inject arbitrary web script or HTML via unknown vectors, including (7) the Imported Page. NOTE: the vulnerability in the WYSIWYG editors may exist because of an incomplete fix for CVE-2008-2163.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/49776 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1020762 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/44694 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/49772 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2008/2444 | vdb-entry, x_refsource_VUPEN | |
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/31634 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:53:00.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "49776",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/49776"
},
{
"name": "1020762",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020762"
},
{
"name": "ibm-lotus-quickr-multiple-xss(44694)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44694"
},
{
"name": "49772",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/49772"
},
{
"name": "ADV-2008-2444",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2444"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"name": "31634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31634"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG editors, (2) during local group creation, (3) during HTML redirects, (4) in the HTML import, (5) in the Rich text editor, and (6) in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inject arbitrary web script or HTML via unknown vectors, including (7) the Imported Page. NOTE: the vulnerability in the WYSIWYG editors may exist because of an incomplete fix for CVE-2008-2163."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "49776",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/49776"
},
{
"name": "1020762",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020762"
},
{
"name": "ibm-lotus-quickr-multiple-xss(44694)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44694"
},
{
"name": "49772",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/49772"
},
{
"name": "ADV-2008-2444",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2444"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"name": "31634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31634"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG editors, (2) during local group creation, (3) during HTML redirects, (4) in the HTML import, (5) in the Rich text editor, and (6) in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inject arbitrary web script or HTML via unknown vectors, including (7) the Imported Page. NOTE: the vulnerability in the WYSIWYG editors may exist because of an incomplete fix for CVE-2008-2163."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "49776",
"refsource": "OSVDB",
"url": "http://osvdb.org/49776"
},
{
"name": "1020762",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020762"
},
{
"name": "ibm-lotus-quickr-multiple-xss(44694)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44694"
},
{
"name": "49772",
"refsource": "OSVDB",
"url": "http://osvdb.org/49772"
},
{
"name": "ADV-2008-2444",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2444"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"name": "31634",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31634"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3860",
"datePublished": "2008-08-29T16:22:00",
"dateReserved": "2008-08-29T00:00:00",
"dateUpdated": "2024-08-07T09:53:00.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-5061
Vulnerability from cvelistv5
Published
2011-03-22 17:00
Modified
2024-09-17 03:02
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service (daemon crash) by going offline, aka SPR MLZG7UPB9N.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service (daemon crash) by going offline, aka SPR MLZG7UPB9N."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-22T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5061",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.14 services for Lotus Domino, when Domino Native Authentication is enabled, might allow remote authenticated users to cause a denial of service (daemon crash) by going offline, aka SPR MLZG7UPB9N."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5061",
"datePublished": "2011-03-22T17:00:00Z",
"dateReserved": "2011-03-22T00:00:00Z",
"dateUpdated": "2024-09-17T03:02:47.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4505
Vulnerability from cvelistv5
Published
2008-10-09 16:00
Modified
2024-08-07 10:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) might allow attackers to cause a denial of service (system crash) via a "nonstandard URL argument" to the OpenDocument command. NOTE: due to lack of details from the vendor, it is not clear whether this is a vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/31608 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/32098 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2008/2753 | vdb-entry, x_refsource_VUPEN | |
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45692 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31608",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31608"
},
{
"name": "32098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32098"
},
{
"name": "ADV-2008-2753",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"name": "lotus-quickr-opendocument-dos(45692)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45692"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) might allow attackers to cause a denial of service (system crash) via a \"nonstandard URL argument\" to the OpenDocument command. NOTE: due to lack of details from the vendor, it is not clear whether this is a vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31608",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31608"
},
{
"name": "32098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32098"
},
{
"name": "ADV-2008-2753",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"name": "lotus-quickr-opendocument-dos(45692)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45692"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4505",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) might allow attackers to cause a denial of service (system crash) via a \"nonstandard URL argument\" to the OpenDocument command. NOTE: due to lack of details from the vendor, it is not clear whether this is a vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31608",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31608"
},
{
"name": "32098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32098"
},
{
"name": "ADV-2008-2753",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"name": "lotus-quickr-opendocument-dos(45692)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45692"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4505",
"datePublished": "2008-10-09T16:00:00",
"dateReserved": "2008-10-09T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-2163
Vulnerability from cvelistv5
Published
2008-05-13 17:00
Modified
2024-08-07 08:49
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX, and before Hotfix 3 for i5/OS, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to "WYSIWYG editors."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2008/1502/references | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/29175 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42360 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/30204 | third-party-advisory, x_refsource_SECUNIA | |
| http://www-1.ibm.com/support/docview.wss?uid=swg24018711 | x_refsource_CONFIRM | |
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:58.230Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-1502",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1502/references"
},
{
"name": "29175",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29175"
},
{
"name": "ibm-lotus-quickr-wysiwyg-xss(42360)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42360"
},
{
"name": "30204",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30204"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24018711"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX, and before Hotfix 3 for i5/OS, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to \"WYSIWYG editors.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-1502",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1502/references"
},
{
"name": "29175",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29175"
},
{
"name": "ibm-lotus-quickr-wysiwyg-xss(42360)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42360"
},
{
"name": "30204",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30204"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24018711"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2163",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Lotus Quickr 8.1 before Hotfix 5 for Windows and AIX, and before Hotfix 3 for i5/OS, allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to \"WYSIWYG editors.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-1502",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1502/references"
},
{
"name": "29175",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29175"
},
{
"name": "ibm-lotus-quickr-wysiwyg-xss(42360)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42360"
},
{
"name": "30204",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30204"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg24018711",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24018711"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2163",
"datePublished": "2008-05-13T17:00:00",
"dateReserved": "2008-05-13T00:00:00",
"dateUpdated": "2024-08-07T08:49:58.230Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0714
Vulnerability from cvelistv5
Published
2010-02-26 19:00
Modified
2024-08-07 00:59
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.hacktics.com/content/advisories/AdvIBM20100224.html | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/56508 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1023660 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/509744/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21421469 | x_refsource_CONFIRM | |
| http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233 | vendor-advisory, x_refsource_AIXAPAR | |
| http://www.securityfocus.com/bid/38412 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:38.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
},
{
"name": "ibm-login-xss(56508)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508"
},
{
"name": "1023660",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023660"
},
{
"name": "20100225 Hacktics Advisory Feb10: XSS in IBM WebSphere Portal \u0026 Lotus WCM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
},
{
"name": "PM03233",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233"
},
{
"name": "38412",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38412"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
},
{
"name": "ibm-login-xss(56508)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508"
},
{
"name": "1023660",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023660"
},
{
"name": "20100225 Hacktics Advisory Feb10: XSS in IBM WebSphere Portal \u0026 Lotus WCM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
},
{
"name": "PM03233",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233"
},
{
"name": "38412",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38412"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0714",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html",
"refsource": "MISC",
"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html"
},
{
"name": "ibm-login-xss(56508)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508"
},
{
"name": "1023660",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023660"
},
{
"name": "20100225 Hacktics Advisory Feb10: XSS in IBM WebSphere Portal \u0026 Lotus WCM",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469"
},
{
"name": "PM03233",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233"
},
{
"name": "38412",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38412"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0714",
"datePublished": "2010-02-26T19:00:00",
"dateReserved": "2010-02-26T00:00:00",
"dateUpdated": "2024-08-07T00:59:38.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-3453
Vulnerability from cvelistv5
Published
2009-09-29 17:00
Modified
2024-08-07 06:31
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt file in a Lotus Quickr place, related to the Library template.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1022952 | vdb-entry, x_refsource_SECTRACK | |
| http://www-01.ibm.com/support/docview.wss?uid=swg1LO36646 | vendor-advisory, x_refsource_AIXAPAR | |
| http://secunia.com/advisories/36899 | third-party-advisory, x_refsource_SECUNIA | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21405163 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2009/2779 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/58384 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/53489 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/36527 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:31:09.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1022952",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022952"
},
{
"name": "LO36646",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LO36646"
},
{
"name": "36899",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36899"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21405163"
},
{
"name": "ADV-2009-2779",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2779"
},
{
"name": "58384",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/58384"
},
{
"name": "lotusquickr-documentnames-xss(53489)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53489"
},
{
"name": "36527",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36527"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt file in a Lotus Quickr place, related to the Library template."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1022952",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022952"
},
{
"name": "LO36646",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LO36646"
},
{
"name": "36899",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36899"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21405163"
},
{
"name": "ADV-2009-2779",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2779"
},
{
"name": "58384",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/58384"
},
{
"name": "lotusquickr-documentnames-xss(53489)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53489"
},
{
"name": "36527",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36527"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1.0 services for WebSphere Portal allow remote attackers to inject arbitrary web script or HTML via the filename of a .odt file in a Lotus Quickr place, related to the Library template."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1022952",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022952"
},
{
"name": "LO36646",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LO36646"
},
{
"name": "36899",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36899"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21405163",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21405163"
},
{
"name": "ADV-2009-2779",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2779"
},
{
"name": "58384",
"refsource": "OSVDB",
"url": "http://osvdb.org/58384"
},
{
"name": "lotusquickr-documentnames-xss(53489)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53489"
},
{
"name": "36527",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36527"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3453",
"datePublished": "2009-09-29T17:00:00",
"dateReserved": "2009-09-29T00:00:00",
"dateUpdated": "2024-08-07T06:31:09.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0834
Vulnerability from cvelistv5
Published
2008-02-20 21:00
Modified
2024-08-07 08:01
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-1.ibm.com/support/docview.wss?uid=swg24016411 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/29004 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1019431 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/0590 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/27840 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:39.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016411"
},
{
"name": "29004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29004"
},
{
"name": "1019431",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019431"
},
{
"name": "ADV-2008-0590",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0590"
},
{
"name": "27840",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27840"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016411"
},
{
"name": "29004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29004"
},
{
"name": "1019431",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019431"
},
{
"name": "ADV-2008-0590",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0590"
},
{
"name": "27840",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27840"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Lotus Quickr for i5/OS before 8.0.0.2 Hotfix 11, when anonymous access is disabled on HTTP ports, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg24016411",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016411"
},
{
"name": "29004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29004"
},
{
"name": "1019431",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019431"
},
{
"name": "ADV-2008-0590",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0590"
},
{
"name": "27840",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27840"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0834",
"datePublished": "2008-02-20T21:00:00",
"dateReserved": "2008-02-20T00:00:00",
"dateUpdated": "2024-08-07T08:01:39.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4507
Vulnerability from cvelistv5
Published
2008-10-09 16:00
Modified
2024-08-07 10:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/31608 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/32098 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2008/2753 | vdb-entry, x_refsource_VUPEN | |
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45693 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.807Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31608",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31608"
},
{
"name": "32098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32098"
},
{
"name": "ADV-2008-2753",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"name": "lotus-quickr-editor-security-bypass(45693)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45693"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31608",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31608"
},
{
"name": "32098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32098"
},
{
"name": "ADV-2008-2753",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"name": "lotus-quickr-editor-security-bypass(45693)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45693"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4507",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows editors to delete pages that were created by a different author via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31608",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31608"
},
{
"name": "32098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32098"
},
{
"name": "ADV-2008-2753",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
},
{
"name": "lotus-quickr-editor-security-bypass(45693)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45693"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4507",
"datePublished": "2008-10-09T16:00:00",
"dateReserved": "2008-10-09T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-7285
Vulnerability from cvelistv5
Published
2011-03-22 17:00
Modified
2024-09-17 03:48
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:36.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-22T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, aka SPR JFLD7GZT25."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7285",
"datePublished": "2011-03-22T17:00:00Z",
"dateReserved": "2011-03-22T00:00:00Z",
"dateUpdated": "2024-09-17T03:48:42.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4506
Vulnerability from cvelistv5
Published
2008-10-09 16:00
Modified
2024-08-07 10:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows a place manager to "demote or delete a place superuser group" via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/31608 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45694 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/32098 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2008/2753 | vdb-entry, x_refsource_VUPEN | |
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.779Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31608",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31608"
},
{
"name": "lotus-quickr-placemanager-security-bypass(45694)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45694"
},
{
"name": "32098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32098"
},
{
"name": "ADV-2008-2753",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows a place manager to \"demote or delete a place superuser group\" via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31608",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31608"
},
{
"name": "lotus-quickr-placemanager-security-bypass(45694)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45694"
},
{
"name": "32098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32098"
},
{
"name": "ADV-2008-2753",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4506",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before Fix pack 1 (8.1.0.1) allows a place manager to \"demote or delete a place superuser group\" via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31608",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31608"
},
{
"name": "lotus-quickr-placemanager-security-bypass(45694)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45694"
},
{
"name": "32098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32098"
},
{
"name": "ADV-2008-2753",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2753"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4506",
"datePublished": "2008-10-09T16:00:00",
"dateReserved": "2008-10-09T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-7284
Vulnerability from cvelistv5
Published
2011-03-22 17:00
Modified
2024-09-17 00:01
Severity ?
EPSS score ?
Summary
IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:36.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-22T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-7284",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by clicking a download link, aka SPR QCAO7E6AM8."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-7284",
"datePublished": "2011-03-22T17:00:00Z",
"dateReserved": "2011-03-22T00:00:00Z",
"dateUpdated": "2024-09-17T00:01:38.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-5058
Vulnerability from cvelistv5
Published
2011-03-22 17:00
Modified
2024-09-16 22:15
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by deleting an item that is accessed through a connector, aka SPR RELS7LARKR.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by deleting an item that is accessed through a connector, aka SPR RELS7LARKR."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-22T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5058",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service (daemon crash) by deleting an item that is accessed through a connector, aka SPR RELS7LARKR."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5058",
"datePublished": "2011-03-22T17:00:00Z",
"dateReserved": "2011-03-22T00:00:00Z",
"dateUpdated": "2024-09-16T22:15:44.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-5062
Vulnerability from cvelistv5
Published
2011-03-22 17:00
Modified
2024-09-16 23:46
Severity ?
EPSS score ?
Summary
IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg27013341 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:54.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-03-22T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service (daemon crash) by subscribing to an Atom feed, aka SPR JRIE7VKMP9."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27013341"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5062",
"datePublished": "2011-03-22T17:00:00Z",
"dateReserved": "2011-03-22T00:00:00Z",
"dateUpdated": "2024-09-16T23:46:01.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}