Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-02-08 | CVE-2011-0918 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Domino Stack-based buffer overflow in the NRouter (aka Router) service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long filenames associated with Content-ID and ATTACH:CID headers in attachments in malformed calendar-request e-mail messages, aka SPR KLYH87LKRE. | 10.0 |
| 2011-02-08 | CVE-2011-0917 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Domino Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code via a long string in an LDAP Bind operation, aka SPR KLYH87LMVX. | 10.0 |
| 2011-02-08 | CVE-2011-0916 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Domino Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message, aka SPR KLYH889M8H. | 10.0 |
| 2011-02-08 | CVE-2011-0915 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Domino Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes calendar (aka iCalendar or iCal) meeting request, aka SPR KLYH87LL23. | 10.0 |
| 2011-02-08 | CVE-2011-0914 | Numeric Errors vulnerability in IBM Lotus Domino Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow. | 10.0 |
| 2011-02-08 | CVE-2011-0913 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Domino Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache. | 10.0 |
| 2011-02-08 | CVE-2011-0912 | Improper Input Validation vulnerability in IBM Lotus Notes Argument injection vulnerability in IBM Lotus Notes 8.0.x before 8.0.2 FP6 and 8.5.x before 8.5.1 FP5 allows remote attackers to execute arbitrary code via a cai:// URL containing a --launcher.library option that specifies a UNC share pathname for a DLL file, aka SPR PRAD82YJW2. | 9.3 |
| 2011-02-08 | CVE-2011-0885 | Credentials Management vulnerability in SMC Networks Smcd3G-Ccr and Smcd3G-Ccr Firmware A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attackers to obtain administrative access via the (1) web interface or (2) TELNET interface. | 10.0 |
| 2011-02-07 | CVE-2011-0324 | Buffer Errors vulnerability in Topazsystems Sigplus PRO Activex Control 3.95 Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allow remote attackers to execute arbitrary code via a long (1) KeyString property, (2) NewPath parameter to the SetLocalIniFilePath method, or (3) NewPortPath parameter to the SetTabletPortPath method. | 9.3 |
| 2011-02-07 | CVE-2011-0323 | Multiple vulnerability in Topazsystems Sigplus PRO Activex Control 3.95 Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allows remote attackers to execute arbitrary code by calling the exposed unsafe (1) SetLogFilePath and (2) SigMessage methods to create arbitrary files with arbitrary content. | 9.3 |