Search Results | AttackerKB

Show filters

Topics 12 Users 9,700

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

12 Total Results

Displaying 1-10 of 12

Attacker Value

Unknown

CVE-2017-1274

Disclosure Date: April 25, 2017 (last updated November 26, 2024)

IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749.

1

Attacker Value

Unknown

CVE-2016-6087

Disclosure Date: June 07, 2017 (last updated November 26, 2024)

IBM Domino 8.5 and 9.0 could allow an attacker to steal credentials using multiple sessions and large amounts of data using Domino TLS Key Exchange validation. IBM X-Force ID: 117918.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2016-5882

Disclosure Date: February 01, 2017 (last updated November 25, 2024)

IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

0

Attacker Value

Unknown

CVE-2016-2939

Disclosure Date: February 01, 2017 (last updated November 25, 2024)

IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

0

Attacker Value

Unknown

CVE-2016-6113

Disclosure Date: February 01, 2017 (last updated November 25, 2024)

IBM Verse is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

0

Attacker Value

Unknown

CVE-2016-5880

Disclosure Date: February 01, 2017 (last updated November 25, 2024)

IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

0

Attacker Value

Unknown

CVE-2016-2938

Disclosure Date: February 01, 2017 (last updated November 25, 2024)

IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

0

Attacker Value

Unknown

CVE-2016-5884

Disclosure Date: February 01, 2017 (last updated November 25, 2024)

IBM iNotes is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

0

Attacker Value

Unknown

CVE-2016-0304

Disclosure Date: June 29, 2016 (last updated November 25, 2024)

The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, aka SPR KLYHA7MM3J. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0920.

0

Attacker Value

Unknown

CVE-2015-5040

Disclosure Date: October 29, 2015 (last updated October 05, 2023)

Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-2015-4994.

0