115 matches found
CVE-2011-1218
Summary: CVE-2011-1218 is a buffer overflow in Autonomy KeyView’s kvarcve.dll, affecting IBM Lotus Notes prior to 8.5.2 FP3. A crafted ZIP attachment can trigger remote arbitrary-code execution. The issue is tied to the Verity KeyView Filter used by affected Note applications. Impact (as stated):...
CVE-2008-7284
IBM Lotus Quickr 8.1 before 8100.003 services for Lotus Domino allows remote authenticated users to cause a denial of service daemon crash by clicking a download link, aka SPR QCAO7E6AM8...
CVE-2008-7285
Unspecified vulnerability in the docnote string handling implementation in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allows remote attackers to cause a denial of service daemon crash via unknown vectors, aka SPR JFLD7GZT25...
Code injection
IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated users to cause a denial of service daemon crash by subscribing to an Atom feed, aka SPR JRIE7VKMP9...
Code injection
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.11 services for Lotus Domino might allow remote authenticated users to cause a denial of service daemon crash by accessing an entry in a calendar, aka SPR MZHA7SEBJX...
Code injection
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2...
CVE-2011-1505
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2...
CVE-2009-5058
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.5 services for Lotus Domino allows remote authenticated users to cause a denial of service daemon crash by deleting an item that is accessed through a connector, aka SPR RELS7LARKR...
CVE-2008-7286
The vulnerability CVE-2008-7286 affects IBM Lotus Quickr 8.1 prior to 8.1.0.2 for Lotus Domino. The root cause is that the product does not properly handle URLs that request images, allowing remote authenticated users to trigger a denial of service (daemon crash) via requests to resources.nsf (ID...
CVE-2009-5062
CVE-2009-5062 affects IBM Lotus Quickr 8.1 before 8.1.0.15 on AIX running Lotus Domino services. A remote authenticated user can cause a daemon crash (denial of service) by subscribing to an Atom feed, identified as SPR JRIE7VKMP9. According to the provided data, the CVSSv2 score is 3.5 (Network ...
CVE-2009-5059
Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.10 services for Lotus Domino might allow remote authenticated users to cause a denial of service daemon crash by checking out a document that is accessed through a connector, aka SPR MMOI7PSR8J...
CVE-2011-0919
Multiple stack-based buffer overflows in the 1 POP3 and 2 IMAP services in IBM Lotus Domino allow remote attackers to execute arbitrary code via non-printable characters in an envelope sender address, aka SPR KLYH87LLVJ...
CVE-2011-0917
Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code via a long string in an LDAP Bind operation, aka SPR KLYH87LMVX...
CVE-2011-0920
The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS...
CVE-2011-0916
Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message, aka SPR KLYH889M8H...
Stack overflow
Stack-based buffer overflow in the NRouter aka Router service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long filenames associated with Content-ID and ATTACH:CID headers in attachments in malformed calendar-request e-mail messages, aka SPR KLYH87LKRE...
Stack overflow
Multiple stack-based buffer overflows in the 1 POP3 and 2 IMAP services in IBM Lotus Domino allow remote attackers to execute arbitrary code via non-printable characters in an envelope sender address, aka SPR KLYH87LLVJ...
CVE-2011-0912
IBM Lotus Notes is affected by an argument-injection vulnerability in the cai:// URI handler that allows remote code execution via a --launcher.library option specifying a UNC DLL path. Affected are Lotus Notes 8.0.x prior to 8.0.2 FP6 and 8.5.x prior to 8.5.1 FP5. The flaw enables code execution...
Open redirect
Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x before 2.5.0.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "mobile edit actions," aka SPR ASRE83PPVH...
Design/Logic Flaw
IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG...