Summary
| Detail | |||
|---|---|---|---|
| Vendor | Ibm | First view | 2001-01-09 |
| Product | Lotus Notes | Last view | 2011-05-31 |
| Version | 5.0.4a | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:ibm:lotus_notes | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.3 | 2011-05-31 | CVE-2011-1512 | Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR. |
| 9.3 | 2011-05-31 | CVE-2011-1218 | Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information. |
| 9.3 | 2011-05-31 | CVE-2011-1217 | Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information. |
| 9.3 | 2011-05-31 | CVE-2011-1216 | Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7. |
| 9.3 | 2011-05-31 | CVE-2011-1215 | Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND. |
| 9.3 | 2011-05-31 | CVE-2011-1214 | Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ. |
| 9.3 | 2011-05-31 | CVE-2011-1213 | Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W. |
| 9.3 | 2008-03-08 | CVE-2007-6706 | Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP. |
| 6.9 | 2007-12-28 | CVE-2007-6594 | IBM Lotus Notes 8 for Linux before 8.0.1 uses (1) unspecified weak permissions for the installation kit obtained through a Notes 8 download and (2) 0777 permissions for the installdata file that is created by setup.sh, which allows local users to gain privileges via a Trojan horse file. |
| 9.3 | 2007-11-09 | CVE-2007-5910 | Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute arbitrary code via a crafted WordPerfect (WPD) file. |
| 9.3 | 2007-11-09 | CVE-2007-5909 | Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOTE: the WPD (wp6sr.dll) vector is covered by CVE-2007-5910. |
| 7.8 | 2007-10-29 | CVE-2007-5544 | IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session. |
| 9.3 | 2007-10-29 | CVE-2007-4222 | Buffer overflow in the TagAttributeListCopy function in nnotes.dll in IBM Lotus Notes before 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a crafted HTML email, related to duplicate RTF conversion when the recipient operates on this email. |
| 7.5 | 2001-07-21 | CVE-2000-0891 | A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. |
| 7.5 | 2001-01-09 | CVE-2000-1138 | Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 69% (9) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 7% (1) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
| 7% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 7% (1) | CWE-189 | Numeric Errors |
| 7% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
CAPEC : Common Attack Pattern Enumeration & Classification
| id | Name |
|---|---|
| CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
| CAPEC-17 | Accessing, Modifying or Executing Executable Files |
| CAPEC-60 | Reusing Session IDs (aka Session Replay) |
| CAPEC-61 | Session Fixation |
| CAPEC-62 | Cross Site Request Forgery (aka Session Riding) |
| CAPEC-122 | Exploitation of Authorization |
| CAPEC-180 | Exploiting Incorrectly Configured Access Control Security Levels |
| CAPEC-232 | Exploitation of Privilege/Trust |
| CAPEC-234 | Hijacking a privileged process |
SAINT Exploits
| Description | Link |
|---|---|
| Lotus Notes MIF attachment viewer buffer overflow | More info here |
| Lotus Notes TagAttributeListCopy buffer overflow | More info here |
| Lotus Notes WPD attachment viewer buffer overflow | More info here |
| IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 72711 | IBM Lotus Notes Autonomy KeyView kvarcve.dll zip Attachment Parsing Overflow |
| 72710 | IBM Lotus Notes Autonomy KeyView kpprzrdr.dll prz Attachment Parsing Overflow |
| 72709 | IBM Lotus Notes Autonomy KeyView assr.dll Tag Data Parsing Overflow |
| 72708 | IBM Lotus Notes Autonomy KeyView mw8sr.dll Link Parsing Overflow |
| 72707 | IBM Lotus Notes Autonomy KeyView rtfsr.dll Link Parsing Overflow |
| 72706 | IBM Lotus Notes Autonomy KeyView lzhsr.dll Underflow Header Parsing Overflow |
| 72705 | IBM Lotus Notes Autonomy KeyView xlssr.dll Biff Record Parsing Overflow |
| 40956 | IBM Lotus Notes nlnotes.dll SMTP Message Handling Remote Code Execution |
| 40949 | IBM Lotus Notes nnotes.dll TagAttributeListCopy Function HTML E-mail RTF Conv... |
| 40948 | IBM Lotus Notes / Domino IPC Shared Memory Permission Weakness Local Privileg... |
| 40934 | IBM Lotus Notes for Linux setup.sh installdata Permission Weakness Local Priv... |
| 40933 | IBM Lotus Notes for Linux Downloaded Installation Kit Unspecified Permission ... |
| 40792 | Autonomy KeyView Multiple Products lasr.dll SAM File Handling Overflow |
| 40791 | Autonomy KeyView Multiple Products mifsr.dll MIF File Handling Overflow |
| 40790 | Autonomy KeyView Multiple Products rtfsr.dll RTF File Handling Overflow |
| 40789 | Autonomy KeyView Multiple Products mwsr.dll DOC File Handling Overflow |
| 40788 | Autonomy KeyView Multiple Products exesr.dll EXE / DLL File Handling Overflow |
| 40787 | Autonomy KeyView Multiple Products awsr.dll AW File Handling Overflow |
| 40786 | Autonomy KeyView Multiple Products kpagrdr.dll AG File Handling Overflow |
| 40783 | Autonomy KeyView Multiple Products Crafted WordPerfect (WPD) File Handling O... |
| 10806 | IBM Lotus Notes Client S/MIME Message Modification Warning Failure |
| 5827 | IBM Lotus Notes Email Attachment Automatic Execution |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-06-07 | Name : IBM Lotus Notes File Viewers Multiple BOF Vulnerabilities (Win) File : nvt/gb_ibm_lotus_notes_mult_bof_vuln_win.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-04-02 | IBM Lotus Notes LZH Attachment Viewer buffer overflow attempt RuleID : 49297 - Type : FILE-OTHER - Revision : 2 |
| 2014-01-10 | IBM Lotus Notes LZH Attachment Viewer buffer overflow RuleID : 24209 - Type : FILE-OTHER - Revision : 7 |
| 2014-01-10 | IBM Lotus Notes LZH Attachment Viewer buffer overflow RuleID : 24208 - Type : FILE-OTHER - Revision : 11 |
| 2014-01-10 | IBM Lotus Notes LZH Attachment Viewer buffer overflow RuleID : 24207 - Type : FILE-OTHER - Revision : 11 |
| 2014-01-10 | LZH archive file magic detected RuleID : 24206 - Type : FILE-IDENTIFY - Revision : 15 |
| 2014-01-10 | Lotus Notes MIF viewer statement data overflow 2 RuleID : 18477 - Type : SERVER-MAIL - Revision : 8 |
| 2014-01-10 | IBM Lotus Notes DOC attachment viewer buffer overflow RuleID : 18476 - Type : SERVER-MAIL - Revision : 9 |
| 2014-01-10 | IBM Lotus Notes HTML input tag buffer overflow attempt RuleID : 17717 - Type : SERVER-MAIL - Revision : 12 |
| 2014-01-10 | IBM Lotus Notes DOC attachment viewer buffer overflow RuleID : 17716 - Type : SERVER-MAIL - Revision : 11 |
| 2014-01-10 | IBM Lotus Notes DOC attachment viewer buffer overflow RuleID : 15485 - Type : SERVER-MAIL - Revision : 8 |
| 2014-01-10 | Lotus 123 file attachment RuleID : 12807 - Type : FILE-IDENTIFY - Revision : 16 |
| 2014-01-10 | IBM Lotus Notes MIF viewer statement data overflow RuleID : 12706 - Type : SERVER-MAIL - Revision : 13 |
| 2014-01-10 | IBM Lotus Notes MIF viewer statement overflow RuleID : 12705 - Type : SERVER-MAIL - Revision : 10 |
| 2014-01-10 | IBM Lotus Notes MIF viewer MIFFILE comment overflow RuleID : 12704 - Type : SERVER-MAIL - Revision : 10 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2011-10-28 | Name: The remote Windows host has a mail security application installed that is aff... File: symantec_sym_11-013.nasl - Type: ACT_GATHER_INFO |
| 2011-05-31 | Name: The remote Windows host has an application that is affected by multiple buffe... File: notes_keyview_overflows2.nasl - Type: ACT_GATHER_INFO |
| 2007-10-25 | Name: The remote Windows host has an application that is affected by an unauthorize... File: notes_mem_mapped_files.nasl - Type: ACT_GATHER_INFO |
| 2007-10-24 | Name: The remote Windows host has an application that is affected by several buffer... File: notes_keyview_overflows.nasl - Type: ACT_GATHER_INFO |
