12 matches found
CVE-2012-6277
CVE-2012-6277 concerns multiple vulnerabilities in Autonomy KeyView IDOL libraries used by IBM Notes/Domino, Symantec messaging/security products, and others. The issue arises from underlying memory-corruption flaws in KeyView IDOL, triggered by processing crafted input files, potentially enablin...
CVE-2017-17689
CVE-2017-17689 arises from S/MIME CBC gadget attacks (EFAIL) that can lead to plaintext exfiltration. Connected sources show this affecting KDE PIM/KMail components and related mail tooling across Linux/macOS ecosystems, with public advisories describing how S/MIME/CBC malleability could leak pla...
CVE-2016-0270
IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1 is affected when using TLS with AES-GCM; the vulnerability arises from nonce generation randomness leading to nonce reuse, enabling remote attackers to obtain the authentication key and spoof data (CVE-2016-0270). Th...
CVE-2018-1771
CVE-2018-1771 affects IBM Domino 9.0 and 9.0.1 on Windows, where a buffer overflow in parsing command line arguments passed to nsd.exe could allow a local attacker to execute arbitrary commands. Root cause: overflow in NSD service argument parsing. Impact: high, with potential full system command...
CVE-2017-1714
CVE-2017-1714 affects IBM Notes and Domino NSD 8.5 and 9.0. An authenticated local user with non-admin privileges could escalate to System-level privileges, enabling full control on the affected host as described in the CVE entry and corroborated by multiple sources in the connected documents.
CVE-2018-1435
CVE-2018-1435 affects IBM Notes 8.5 and 9.0. The issue is a DLL hijacking vulnerability that could allow code execution when a user is tricked into opening a malicious executable in a directory under an attacker’s control. Connected sources reiterate IBM Notes DLL loading remote code execution vu...
CVE-2018-1437
IBM Notes 8.5 and 9.0 are affected by CVE-2018-1437 due to an error related to untrusted search paths that enables DLL hijacking. This local vulnerability could allow an attacker to execute arbitrary code on the system or cause the application to crash. The issue is tied to the System Diagnostics...
CVE-2017-1711
CVE-2017-1711 affects IBM iNotes 8.5 and 9.0 SUService. The vulnerability arises from the risk of loading a malicious DLL masquerading as a Windows DLL located in the temp directory, potentially allowing code execution. Connected documents reiterate the same issue and reference IBM X-Force ID 134...
CVE-2017-1720
CVE-2017-1720 affects IBM Notes 8.5 and 9.0, where a local attacker could execute arbitrary commands by crafting a command line sent via Shared Memory IPC. Connected CNVD-2018-03879 describes an elevation of privilege vulnerability in IBM Client Application Access and Notes related to IPC. The NV...
CVE-2018-1409
The CVE-2018-1409 entry affects IBM Notes Diagnostics, IBM Client Application Access, and IBM Notes on Windows. It describes an elevation-of-privilege flaw where a local attacker could craft a command line via inter-process communication using shared memory to trick the system into executing an a...
CVE-2018-1411
IBM Notes Diagnostics and IBM Client Application Access (Windows) are affected. A local attacker could craft a command line via shared-memory IPC to execute an arbitrary executable, enabling full system compromise. Root cause: IPC-based command-line handling flaw allows unintended command executi...
CVE-2018-1410
IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) on Windows is affected by CVE-2018-1410. The issue arises when a local attacker crafts a command line sent via inter-process communication over shared memory, which could be tricked into executing an executable chosen by the atta...