Vulnerabilities > IBM > Lotus Notes > 7.0.2.3

DATE CVE VULNERABILITY TITLE RISK
2011-05-31 CVE-2011-1512 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR.
network
autonomy ibm CWE-119
critical
9.3
2011-05-31 CVE-2011-1218 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP.
network
autonomy ibm CWE-119
critical
9.3
2011-05-31 CVE-2011-1217 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Notes
Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment.
network
ibm CWE-119
critical
9.3
2011-05-31 CVE-2011-1216 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Notes
Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7.
network
ibm CWE-119
critical
9.3
2011-05-31 CVE-2011-1215 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Notes
Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND.
network
ibm CWE-119
critical
9.3
2011-05-31 CVE-2011-1214 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Notes
Stack-based buffer overflow in rtfsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment, aka SPR PRAD8823JQ.
network
ibm CWE-119
critical
9.3
2011-05-31 CVE-2011-1213 Numeric Errors vulnerability in IBM Lotus Notes
Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W.
network
ibm CWE-189
critical
9.3
2007-10-29 CVE-2007-5544 Incorrect Permission Assignment for Critical Resource vulnerability in IBM Lotus Notes
IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.
local
low complexity
ibm CWE-732
7.8