Vulnerabilities > IBM > Lotus Symphony > 3.0.0.1

DATE CVE VULNERABILITY TITLE RISK
2012-01-23 CVE-2012-0192 Numeric Errors vulnerability in IBM Lotus Symphony
Multiple integer overflows in vclmi.dll in the visual class library module in IBM Lotus Symphony before 3.0.1 might allow remote attackers to execute arbitrary code via an embedded (1) JPEG or (2) PNG image object in a Symphony document that triggers a heap-based buffer overflow, as demonstrated by a .doc file.
network
ibm CWE-189
critical
 9.3
9.3
2011-07-27 CVE-2011-2893 Resource Management Errors vulnerability in IBM Lotus Symphony 3.0.0/3.0.0.1/3.0.0.2
The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .xls spreadsheet with an invalid Value reference.
network
ibm CWE-399
4.3
4.3
2011-07-27 CVE-2011-2888 Resource Management Errors vulnerability in IBM Lotus Symphony 3.0.0/3.0.0.1/3.0.0.2
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application hang) via complex graphics in a presentation.
network
ibm CWE-399
4.3
4.3
2011-07-27 CVE-2011-2887 Resource Management Errors vulnerability in IBM Lotus Symphony 3.0.0/3.0.0.1/3.0.0.2
IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to cause a denial of service (application crash) via a certain sample document.
network
ibm linux CWE-399
4.3
4.3
2011-07-27 CVE-2011-2886 Resource Management Errors vulnerability in IBM Lotus Symphony 3.0.0/3.0.0.1/3.0.0.2
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application crash) via a .docx document with empty bullet styles for parent bullets.
network
ibm CWE-399
4.3
4.3
2011-07-27 CVE-2011-2885 Resource Management Errors vulnerability in IBM Lotus Symphony 3.0.0/3.0.0.1/3.0.0.2
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application crash) via the sample .doc document that incorporates a user-defined toolbar.
network
ibm CWE-399
4.3
4.3
2011-07-27 CVE-2011-2884 Denial of Service vulnerability and Unspecified vulnerability in IBM Lotus Symphony 3.0.0/3.0.0.1/3.0.0.2
Multiple unspecified vulnerabilities in IBM Lotus Symphony 3 before FP3 have unknown impact and attack vectors, related to "critical security vulnerability issues."
network
low complexity
ibm
critical
 10.0
10