Summary

Vendor: Ibm
Product: Lotus Notes
Version: 8.0.0
Update: *
Edition: *
Language: *
Software Edition: *
Target Software: *
Target Hardware: *
Other: *

Detail

First view: 2007-12-28
Last view: 2013-05-01
Type: Application

CPE Product: cpe:2.3:a:ibm:lotus_notes

Related : CVE

CVSS Date CVE Description
4.3 2013-05-01 CVE-2013-0538

Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT element in an HTML e-mail message, aka SPRs JMOY95BLM6 and JMOY95BN49.

5.8 2013-05-01 CVE-2013-0127

IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java code execution and X-Confirm-Reading-To functionality via a crafted message, aka SPRs JMOY95BLM6 and JMOY95BN49.

9.3 2013-01-10 CVE-2012-4823

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Delivery Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to "insecure use of the java.lang.ClassLoader defineClass() method."

9.3 2013-01-10 CVE-2012-4822

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Delivery Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.Class class."

9.3 2013-01-10 CVE-2012-4821

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Delivery Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods() and (2) java.lang.reflect.AccessibleObject setAccessible() methods.

9.3 2013-01-10 CVE-2012-4820

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Delivery Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method."

9.3 2012-06-20 CVE-2012-2174

The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a crafted notes:// URL.

9.3 2011-05-31 CVE-2011-1512

Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR.

9.3 2011-05-31 CVE-2011-1218

Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information.

9.3 2011-05-31 CVE-2011-1217

Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information.

9.3 2011-05-31 CVE-2011-1216

Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7.

9.3 2011-05-31 CVE-2011-1215

Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND.

9.3 2011-05-31 CVE-2011-1214

Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ.

9.3 2011-05-31 CVE-2011-1213

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W.

9.3 2009-09-01 CVE-2009-3037

Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment.

9.3 2008-03-08 CVE-2008-1217

Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706.

6.9 2007-12-28 CVE-2007-6594

IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file.

CWE : Common Weakness Enumeration

% (count) CWE ID Name
53% (7) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
15% (2) CWE-264 Permissions, Privileges, and Access Controls
15% (2) CWE-94 Failure to Control Generation of Code ('Code Injection')
7% (1) CWE-189 Numeric Errors
7% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

SAINT Exploits

Description
IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow
IBM Lotus Notes URL Handler Command Execution

Open Source Vulnerability Database (OSVDB)

id Description
72711 IBM Lotus Notes Autonomy KeyView kvarcve.dll zip Attachment Parsing Overflow
72710 IBM Lotus Notes Autonomy KeyView kpprzrdr.dll prz Attachment Parsing Overflow
72709 IBM Lotus Notes Autonomy KeyView assr.dll Tag Data Parsing Overflow
72708 IBM Lotus Notes Autonomy KeyView mw8sr.dll Link Parsing Overflow
72707 IBM Lotus Notes Autonomy KeyView rtfsr.dll Link Parsing Overflow
72706 IBM Lotus Notes Autonomy KeyView lzhsr.dll Underflow Header Parsing Overflow
72705 IBM Lotus Notes Autonomy KeyView xlssr.dll Biff Record Parsing Overflow
57334 Autonomy Keyview XLS Viewer (xlssr.dll) XLS File SST Record Handling Overflow
43062 IBM Lotus Notes nlnotes.dll E-mail Crafted Attachment Arbitrary Code Execution
40934 IBM Lotus Notes for Linux setup.sh installdata Permission Weakness Local Priv...
40933 IBM Lotus Notes for Linux Downloaded Installation Kit Unspecified Permission ...

OpenVAS Exploits

Date Name / File
2011-06-07 Name : IBM Lotus Notes File Viewers Multiple BOF Vulnerabilities (Win)
File : nvt/gb_ibm_lotus_notes_mult_bof_vuln_win.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2009-B-0042 Autonomy KeyView Buffer Overflow Vulnerability in Symantec Mail Security and ...
Severity: Category II - VMSKEY: V0019906

Snort® IPS/IDS

Date Description
2019-04-02 IBM Lotus Notes LZH Attachment Viewer buffer overflow attempt
RuleID : 49297 - Type : FILE-OTHER - Revision : 2
2018-02-06 IBM Java invokeWithPrivilege method call attempt
RuleID : 45351 - Type : FILE-JAVA - Revision : 2
2018-02-06 IBM Java invokeWithClassLoaders method call attempt
RuleID : 45350 - Type : FILE-JAVA - Revision : 2
2018-02-06 IBM Java invokeWithPrivilege method call attempt
RuleID : 45349 - Type : FILE-JAVA - Revision : 2
2018-02-06 IBM Java invokeWithClassLoaders method call attempt
RuleID : 45348 - Type : FILE-JAVA - Revision : 2
2014-01-10 IBM Lotus Notes LZH Attachment Viewer buffer overflow
RuleID : 24209 - Type : FILE-OTHER - Revision : 7
2014-01-10 IBM Lotus Notes LZH Attachment Viewer buffer overflow
RuleID : 24208 - Type : FILE-OTHER - Revision : 11
2014-01-10 IBM Lotus Notes LZH Attachment Viewer buffer overflow
RuleID : 24207 - Type : FILE-OTHER - Revision : 11
2014-01-10 LZH archive file magic detected
RuleID : 24206 - Type : FILE-IDENTIFY - Revision : 15
2014-01-10 IBM Lotus Notes URI handler command execution attempt
RuleID : 24200 - Type : SERVER-MAIL - Revision : 6
2014-01-10 IBM Lotus Notes URI handler command execution attempt
RuleID : 24199 - Type : SERVER-MAIL - Revision : 9
2014-01-10 Autonomy KeyView SDK Excel file SST parsing integer overflow attempt
RuleID : 16458 - Type : WEB-CLIENT - Revision : 4
2014-01-10 Microsoft Office Excel SST record remote code execution attempt
RuleID : 15541 - Type : FILE-OFFICE - Revision : 19

Nessus® Vulnerability Scanner

Date Name / File
2014-11-08 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2013-1455.nasl - Type: ACT_GATHER_INFO
2014-11-08 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2013-1456.nasl - Type: ACT_GATHER_INFO
2013-05-28 Name: The version of IBM Notes installed on the remote Windows host accepts Java ap...
File: lotus_notes_accepts_java.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2012-1485.nasl - Type: ACT_GATHER_INFO
2012-12-17 Name: The remote host has software installed that is affected by multiple vulnerabi...
File: lotus_notes_8_5_3_fp3.nasl - Type: ACT_GATHER_INFO
2012-11-16 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2012-1465.nasl - Type: ACT_GATHER_INFO
2012-11-16 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2012-1466.nasl - Type: ACT_GATHER_INFO
2012-11-16 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2012-1467.nasl - Type: ACT_GATHER_INFO
2012-08-10 Name: The remote host has software installed that is affected by a code execution v...
File: lotus_notes_8_5_3_fp2.nasl - Type: ACT_GATHER_INFO
2011-10-28 Name: The remote Windows host has a mail security application installed that is aff...
File: symantec_sym_11-013.nasl - Type: ACT_GATHER_INFO
2011-05-31 Name: The remote Windows host has an application that is affected by multiple buffe...
File: notes_keyview_overflows2.nasl - Type: ACT_GATHER_INFO
2009-09-04 Name: An email security application running on the remote Windows host is affected ...
File: sms_smtp_keyview_overflow.nasl - Type: ACT_GATHER_INFO