Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ibm:lotus_notes:6.5:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2011-1512 |
Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR. Published: May 31, 2011; 4:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1218 |
Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information. Published: May 31, 2011; 4:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1217 |
Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information. Published: May 31, 2011; 4:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1216 |
Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7. Published: May 31, 2011; 4:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1215 |
Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND. Published: May 31, 2011; 4:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1214 |
Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ. Published: May 31, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1213 |
Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W. Published: May 31, 2011; 4:55:01 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2011-1424 |
The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6 SP1, when the Mobile Services component is used, does not properly set the localOnly attribute of the trace element, which allows remote authenticated users to obtain sensitive information via ASP.NET Application Tracing. Published: May 24, 2011; 7:55:02 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 3.5 LOW |
CVE-2009-3037 |
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment. Published: September 01, 2009; 12:30:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-4564 |
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file. Published: March 18, 2009; 11:30:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-5399 |
Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, related to creation of an associated filename. Published: April 10, 2008; 2:05:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-5405 |
Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag. Published: April 10, 2008; 2:05:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-5406 |
kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file. Published: April 10, 2008; 2:05:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-6020 |
Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file. Published: April 10, 2008; 2:05:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-1101 |
Buffer overflow in kvdocve.dll in the KeyView document viewing engine in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allows remote attackers to execute arbitrary code via a long pathname, as demonstrated by a long SRC attribute of an IMG element in an HTML document. Published: April 10, 2008; 2:05:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-1718 |
Buffer overflow in mimesr.dll in Autonomy (formerly Verity) KeyView, as used in IBM Lotus Notes before 8.0, might allow user-assisted remote attackers to execute arbitrary code via an e-mail message with a crafted Text mail (MIME) attachment. Published: April 10, 2008; 2:05:00 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-6706 |
Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP. Published: March 08, 2008; 9:44:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-1217 |
Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706. Published: March 08, 2008; 9:44:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-0862 |
IBM Lotus Notes 6.0, 6.5, 7.0, and 8.0 signs an unsigned applet when a user forwards an email message to another user, which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection. Published: February 20, 2008; 8:44:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-6593 |
Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909. Published: December 28, 2007; 4:46:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 8.8 HIGH |