56 matches found
CVE-2010-0920
Cross-site scripting XSS vulnerability in IBM Lotus iNotes aka Domino Web Access or DWA before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."...
EUVD-2009-3088
Malware in sbrugna...
EUVD-2010-0305
Malware in sbrugna...
EUVD-2010-0946
Malware in sbrugna...
EUVD-2010-0943
Malware in sbrugna...
EUVD-2010-0307
Malware in sbrugna...
EUVD-2009-4560
Malware in sbrugna...
EUVD-2010-0306
Malware in sbrugna...
EUVD-2010-0945
Malware in sbrugna...
IBM iNotes Cross-Site Scripting Vulnerability (CNVD-2017-08507)
IBM iNotes also known as IBM Lotus iNotes is a set of Web-based e-mail software from IBM in the United States. The software helps different types of users online and offline users to effectively manage business-critical information and collaboration. A cross-site scripting vulnerability exists in...
IBM Lotus iNotes ActiveX Control Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus iNotes. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
IBM Lotus iNotes dwa85W ActiveX Buffer Overflow Vulnerability
This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "AttachmentTimes" property, due to the insecure usage of the swscanf. The affected ActiveX is provided by the dwa85W.dll installed with the IBM Lotus iNote...
IBM Lotus iNotes dwa85W - ActiveX Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
IBM Lotus iNotes dwa85W ActiveX Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
IBM Lotus iNotes dwa85W ActiveX Buffer Overflow
This module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "AttachmentTimes" property, due to the insecure usage of the swscanf. The affected ActiveX is provided by the dwa85W.dll installed with the IBM Lotus iNotes ActiveX...
IBM Lotus iNotes dwa85W.dll ActiveX Control Buffer Overflow (CVE-2012-2175)
A buffer overflow vulnerability has been reported in IBM Lotus iNotes...
ZDI-12-132 : IBM Lotus iNotes dwa85W ActiveX Attachment_Times Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-132 : IBM Lotus iNotes dwa85W ActiveX AttachmentTimes Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-132 August 3, 2012 - -- CVE ID: CVE-2012-2175 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...
IBM Lotus iNotes dwa85W ActiveX Attachment_Times Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus iNotes. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dwa85W.cab...
IBM Lotus iNotes Upload模块ActiveX控件缓冲区溢出漏洞
BUGTRAQ ID: 53879 CVE ID: CVE-2012-2175 Lotus iNotes之前被称为Lotus Domino Web Access,是Lotus Domino服务器基于web的消息和协作界面。 IBM Lotus iNotes 8.5.3 FP2之前版本dwa85W.dll内的某些ActiveX控件中的AttachmentTimes方法在实现上存在缓冲区溢出漏洞,通过较长的参数可允许远程攻击者执行任意代码。 0 IBM Lotus iNotes 厂商补丁: IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2012-2175
Buffer overflow in the AttachmentTimes method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long argument...