Lotus Symphony
by IBM
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-1965 | 0.04 | — | 0.11 | Apr 25, 2008 | Argument injection vulnerability in the cai: URI handler in rcplauncher in IBM Lotus Expeditor Client for Desktop 6.1.1 and 6.1.2, as used by Lotus Symphony and possibly other products, allows remote attackers to execute arbitrary code by injecting a -launcher option via a cai:… | |||
| CVE-2010-5204 | 0.00 | — | 0.00 | Sep 6, 2012 | Multiple untrusted search path vulnerabilities in IBM Lotus Symphony 1.3.0 20090908.0900 allow local users to gain privileges via a Trojan horse (1) eclipse_1114.dll or (2) emser645mi.dll file in the current working directory, as demonstrated by a directory that contains a .odm,… | |||
| CVE-2012-0192 | 0.00 | — | 0.05 | Jan 23, 2012 | Multiple integer overflows in vclmi.dll in the visual class library module in IBM Lotus Symphony before 3.0.1 might allow remote attackers to execute arbitrary code via an embedded (1) JPEG or (2) PNG image object in a Symphony document that triggers a heap-based buffer… | |||
| CVE-2011-2893 | 0.00 | — | 0.01 | Jul 27, 2011 | The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .xls spreadsheet with an invalid Value reference. | |||
| CVE-2011-2888 | 0.00 | — | 0.02 | Jul 27, 2011 | IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application hang) via complex graphics in a presentation. | |||
| CVE-2011-2887 | 0.00 | — | 0.02 | Jul 27, 2011 | IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to cause a denial of service (application crash) via a certain sample document. | |||
| CVE-2011-2886 | 0.00 | — | 0.01 | Jul 27, 2011 | IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application crash) via a .docx document with empty bullet styles for parent bullets. | |||
| CVE-2011-2885 | 0.00 | — | 0.02 | Jul 27, 2011 | IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application crash) via the sample .doc document that incorporates a user-defined toolbar. | |||
| CVE-2011-2884 | 0.00 | — | 0.02 | Jul 27, 2011 | Multiple unspecified vulnerabilities in IBM Lotus Symphony 3 before FP3 have unknown impact and attack vectors, related to "critical security vulnerability issues." |
- CVE-2008-1965Apr 25, 2008risk 0.04cvss —epss 0.11
Argument injection vulnerability in the cai: URI handler in rcplauncher in IBM Lotus Expeditor Client for Desktop 6.1.1 and 6.1.2, as used by Lotus Symphony and possibly other products, allows remote attackers to execute arbitrary code by injecting a -launcher option via a cai:…
- CVE-2010-5204Sep 6, 2012risk 0.00cvss —epss 0.00
Multiple untrusted search path vulnerabilities in IBM Lotus Symphony 1.3.0 20090908.0900 allow local users to gain privileges via a Trojan horse (1) eclipse_1114.dll or (2) emser645mi.dll file in the current working directory, as demonstrated by a directory that contains a .odm,…
- CVE-2012-0192Jan 23, 2012risk 0.00cvss —epss 0.05
Multiple integer overflows in vclmi.dll in the visual class library module in IBM Lotus Symphony before 3.0.1 might allow remote attackers to execute arbitrary code via an embedded (1) JPEG or (2) PNG image object in a Symphony document that triggers a heap-based buffer…
- CVE-2011-2893Jul 27, 2011risk 0.00cvss —epss 0.01
The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .xls spreadsheet with an invalid Value reference.
- CVE-2011-2888Jul 27, 2011risk 0.00cvss —epss 0.02
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application hang) via complex graphics in a presentation.
- CVE-2011-2887Jul 27, 2011risk 0.00cvss —epss 0.02
IBM Lotus Symphony 3 before FP3 on Linux allows remote attackers to cause a denial of service (application crash) via a certain sample document.
- CVE-2011-2886Jul 27, 2011risk 0.00cvss —epss 0.01
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application crash) via a .docx document with empty bullet styles for parent bullets.
- CVE-2011-2885Jul 27, 2011risk 0.00cvss —epss 0.02
IBM Lotus Symphony 3 before FP3 allows remote attackers to cause a denial of service (application crash) via the sample .doc document that incorporates a user-defined toolbar.
- CVE-2011-2884Jul 27, 2011risk 0.00cvss —epss 0.02
Multiple unspecified vulnerabilities in IBM Lotus Symphony 3 before FP3 have unknown impact and attack vectors, related to "critical security vulnerability issues."