Vulnerabilities > IBM > Domino WEB Access
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-03-03 | CVE-2010-0919 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Domino web Access and Lotus Inotes Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ. | 7.6 |
| 2010-01-09 | CVE-2010-0276 | Security vulnerability in IBM Domino web Access, Lotus Domino and Lotus Inotes IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the "Try Lotus iNotes anyway" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU. | 10.0 |
| 2009-09-08 | CVE-2009-3105 | Cross-Site Scripting vulnerability in IBM Domino web Access 8.0.1 Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC. | 4.3 |
| 2007-12-27 | CVE-2007-4474 | Buffer Errors vulnerability in IBM Domino web Access and Lotus Domino web Access Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1. | 9.3 |