355 matches found
CVE-2013-0591
Affected product: IBM Lotus Domino with iNotes 8.5.x (8.5.0–8.5.3 FP4) before 8.5.3 FP5. Vulnerability type: Cross-site Scripting (XSS) in iNotes 8.5.x due to an unspecified vector in the web interface. Root cause / impact: Remote authenticated users can inject arbitrary web script or HTML; impac...
CVE-2013-3990
Cross-site scripting XSS vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN98FLQ2...
CVE-2013-3032
Cross-site scripting XSS vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN986NAA...
CVE-2013-3027
Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW...
Cross site scripting
Cross-site scripting XSS vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN98FLQ2...
Cross site scripting
Cross-site scripting XSS vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN986NAA...
CVE-2013-3027
The provided connected documents confirm a concrete vulnerability: IBM Domino iNotes uses the DWA9W ActiveX control with an integer overflow in its handling of crafted web pages. Affects IBM Domino 9.0 before IF3; exploitation enables remote code execution with the attacker-controlled page. The i...
CVE-2013-3027
Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to execute arbitrary code via a crafted web page, aka SPR PTHN97XHFW...
CVE-2013-3990
CVE-2013-3990 involves a cross-site scripting (XSS) vulnerability in the MIME e-mail functionality of IBM Domino iNotes 9.0 before IF3. The flaw allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. The connected documents confirm affected software and the nature...
CVE-2013-3032
CVE-2013-3032 describes a cross-site scripting (XSS) vulnerability in the MIME e-mail functionality of IBM Domino 9.0 prior to IF3, exposed via iNotes. The issue allows remote attackers to inject arbitrary web script or HTML through unspecified vectors. The vulnerability is characterized as an XS...
CVE-2013-0525
Multiple cross-site scripting XSS vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX...
CVE-2012-5943
Cross-site scripting XSS vulnerability in IBM iNotes 8.5.x before 8.5.3 FP4 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving mail, aka SPR JDOE8ZZS9...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX...
Cross site scripting
Cross-site scripting XSS vulnerability in IBM iNotes 8.5.x before 8.5.3 FP4 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving mail, aka SPR JDOE8ZZS9...
CVE-2012-5943
Cross-site scripting XSS vulnerability in IBM iNotes 8.5.x before 8.5.3 FP4 allows user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving mail, aka SPR JDOE8ZZS9...
CVE-2012-5943
CVE-2012-5943 affects IBM iNotes 8.5.x prior to 8.5.3 FP4. The vulnerability is a Cross-site Scripting (XSS) flaw that allows user-assisted remote attackers to inject arbitrary web script or HTML via mail-related vectors (SPR JDOE8ZZS9). The description provides the affected product and the attac...
CVE-2013-0525
Multiple cross-site scripting XSS vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX...
CVE-2013-0525
CVE-2013-0525 concerns multiple XSS vulnerabilities in IBM iNotes 8.5.x that allow local users to inject arbitrary web script or HTML via a shared mail file (SPR DKEN8PDNTX). Affected product: IBM iNotes 8.5.x. Root cause: cross-site scripting in the web UI via shared mail files. Impact as stated...
IBM Lotus iNotes dwa85W - ActiveX Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
IBM Lotus iNotes dwa85W ActiveX Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...