Lotus Notes@6.5.4 Security Vulnerabilities and Issues — Lotus Notes@6.5.4 CVE List

Lucene search

IbmLotus Notes6.5.4

17 matches found

CVE•added 2009/03/18 3:30 p.m.•123 views

CVE-2008-4564

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a...

9.3CVSS7.7AI score0.54246EPSS

CVE•added 2006/01/09 11:3 a.m.•87 views

CVE-2006-0118

Unspecified vulnerability in IBM Lotus Notes and Domino Server before 6.5.5, when running on AIX, allows attackers to cause a denial of service (deep recursion leading to stack overflow and crash) via long formulas.

5CVSS6.7AI score0.00791EPSS

CVE•added 2011/05/31 8:55 p.m.•70 views

CVE-2011-1213

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W.

9.3CVSS7.4AI score0.80847EPSS

CVE•added 2006/11/10 1:7 a.m.•56 views

CVE-2006-5835

The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file.

5CVSS9.4AI score0.02018EPSS

CVE•added 2011/05/31 8:55 p.m.•55 views

CVE-2011-1512

Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR.

9.3CVSS7.9AI score0.18231EPSS

CVE•added 2006/02/15 12:0 a.m.•52 views

CVE-2005-2618

Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file wi...

9.3CVSS7.2AI score0.49609EPSS

CVE•added 2011/05/31 8:55 p.m.•50 views

CVE-2011-1217

Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information.

9.3CVSS7.7AI score0.11061EPSS

CVE•added 2011/05/31 8:55 p.m.•50 views

CVE-2011-1218

Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information.

9.3CVSS7.7AI score0.08458EPSS

CVE•added 2006/01/09 11:3 a.m.•47 views

CVE-2006-0119

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to "potential security issues" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4) GPKS5YQGPT in Security, or (5...

10CVSS6.8AI score0.13197EPSS

CVE•added 2011/05/31 8:55 p.m.•47 views

CVE-2011-1214

Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ.

9.3CVSS7.9AI score0.15959EPSS

CVE•added 2006/10/18 10:0 p.m.•45 views

CVE-2005-2454

IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the "Notes" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder.

4.6CVSS6.4AI score0.00076EPSS

CVE•added 2006/02/15 12:0 a.m.•45 views

CVE-2005-2619

Directory traversal vulnerability in kvarcve.dll in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allows remote attackers to delete arbitrary files via a (1) ZIP, (2) UUE or (3) TAR archive that contains a .. (dot dot) in the filename, which is not prope...

9.3CVSS6.8AI score0.00966EPSS

CVE•added 2006/01/09 11:3 a.m.•45 views

CVE-2006-0117

Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving "CD to MIME Conversion".

5CVSS6.7AI score0.00791EPSS

CVE•added 2006/01/09 11:3 a.m.•44 views

CVE-2006-0121

Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the SSL handshake (SPR# MK...

7.8CVSS6.3AI score0.01076EPSS

CVE•added 2011/05/31 8:55 p.m.•43 views

CVE-2011-1216

Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7.

9.3CVSS8AI score0.18883EPSS

CVE•added 2006/01/09 11:3 a.m.•42 views

CVE-2006-0120

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an "Out Of Office" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3...

5CVSS6.9AI score0.03437EPSS

CVE•added 2009/09/01 4:30 p.m.•42 views

CVE-2009-3037

Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary cod...

9.3CVSS7.8AI score0.16842EPSS