Lucene search

Lotus Notes Security Vulnerabilities - 2012

cve

CVE-2010-5251

Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges via a Trojan horse (1) nnoteswc.dll or (2) nlsxbe.dll file in the current working directory, as demonstrated by a directory that contains a .vcf, .vcs, or .ics file. NOTE: the provenance of th...

6.4AI Score

0.001EPSS

2012-09-07 10:32 AM

cve

CVE-2012-2174

The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a crafted notes:// URL.

7.2AI Score

0.965EPSS

2012-06-20 10:27 AM

122

cve

CVE-2012-4846

IBM Lotus Notes 8.5.x before 8.5.3 FP3 does not include the HTTPOnly flag in a Set-Cookie header for a web-application cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, aka SPRs JMAS7TRNLN and SRAO8U3Q68.

5.8AI Score

0.003EPSS

2012-12-19 11:55 AM