Ibm

Lotus Notes Traveler

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2013-0536

  • EPSS 0.05%
  • Veröffentlicht 21.06.2013 17:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login...

9.3

CVE-2012-4823

  • EPSS 13.16%
  • Veröffentlicht 11.01.2013 00:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, T...

9.3

CVE-2012-4822

  • EPSS 10.24%
  • Veröffentlicht 11.01.2013 00:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rationa...

9.3

CVE-2012-4821

  • EPSS 5.99%
  • Veröffentlicht 11.01.2013 00:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rationa...

9.3

CVE-2012-4820

  • EPSS 9.37%
  • Veröffentlicht 11.01.2013 00:55:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, T...

6.8

CVE-2012-5309

Exploit
  • EPSS 0.55%
  • Veröffentlicht 08.10.2012 10:47:45
  • Zuletzt bearbeitet 11.04.2025 00:51:21

servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim Fix 1 does not properly restrict invalid authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.

6.8

CVE-2012-5308

Exploit
  • EPSS 0.11%
  • Veröffentlicht 08.10.2012 10:47:45
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim Fix 1 allows remote attackers to hijack the authentication of arbitrary users for requests that create problem reports via a getRe...

2.6

CVE-2012-5307

Exploit
  • EPSS 0.2%
  • Veröffentlicht 08.10.2012 10:47:45
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in servlet/traveler in IBM Lotus Notes Traveler before 8.5.3.3 Interim Fix 1, when Firefox is used, allows remote attackers to inject arbitrary web script or HTML via the redirectURL parameter, a different vul...

4.3

CVE-2012-4825

Exploit
  • EPSS 0.24%
  • Veröffentlicht 08.10.2012 10:47:45
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in servlet/traveler/ILNT.mobileconfig in IBM Lotus Notes Traveler before 8.5.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) userId or (2) address parameter in a getCli...

5.8

CVE-2012-4824

Exploit
  • EPSS 0.2%
  • Veröffentlicht 08.10.2012 10:47:45
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Open redirect vulnerability in servlet/traveler in IBM Lotus Notes Traveler 8.5.3 before 8.5.3.3 Interim Fix 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirectURL parameter.