Lotus Notes@6.5.5 Security Vulnerabilities and Issues — Lotus Notes@6.5.5 CVE List

Lucene search

IbmLotus Notes6.5.5

11 matches found

CVE•added 2009/03/18 3:30 p.m.•123 views

CVE-2008-4564

Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a...

9.3CVSS7.7AI score0.54246EPSS

CVE•added 2011/05/31 8:55 p.m.•70 views

CVE-2011-1213

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W.

9.3CVSS7.4AI score0.80847EPSS

CVE•added 2006/11/10 1:7 a.m.•56 views

CVE-2006-5835

The Notes Remote Procedure Call (NRPC) protocol in IBM Lotus Notes Domino before 6.5.5 FP2 and 7.x before 7.0.2 does not require authentication to perform user lookups, which allows remote attackers to obtain the user ID file.

5CVSS9.4AI score0.02018EPSS

CVE•added 2011/05/31 8:55 p.m.•55 views

CVE-2011-1512

Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR.

9.3CVSS7.9AI score0.18231EPSS

CVE•added 2011/05/31 8:55 p.m.•50 views

CVE-2011-1217

Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information.

9.3CVSS7.7AI score0.11061EPSS

CVE•added 2011/05/31 8:55 p.m.•50 views

CVE-2011-1218

Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information.

9.3CVSS7.7AI score0.08458EPSS

CVE•added 2011/05/31 8:55 p.m.•47 views

CVE-2011-1214

Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ.

9.3CVSS7.9AI score0.15959EPSS

CVE•added 2006/10/18 10:0 p.m.•45 views

CVE-2005-2454

IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the "Notes" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder.

4.6CVSS6.4AI score0.00076EPSS

CVE•added 2011/05/31 8:55 p.m.•43 views

CVE-2011-1216

Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7.

9.3CVSS8AI score0.18883EPSS

CVE•added 2009/09/01 4:30 p.m.•42 views

CVE-2009-3037

Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary cod...

9.3CVSS7.8AI score0.16842EPSS

CVE•added 2007/04/11 1:19 a.m.•37 views

CVE-2007-1941

Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in Domino Web Access (DWA) in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via a multipart/related e-mail message, a different issue than CVE-2006-48...

4.3CVSS5.3AI score0.00759EPSS