VYPR

Lotus Expeditor

by IBM

CVEs (5)

  • CVE-2017-1129MedSep 5, 2017
    risk 0.48cvss 6.5epss 0.30

    IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.

  • CVE-2008-1965Apr 25, 2008
    risk 0.04cvss epss 0.11

    Argument injection vulnerability in the cai: URI handler in rcplauncher in IBM Lotus Expeditor Client for Desktop 6.1.1 and 6.1.2, as used by Lotus Symphony and possibly other products, allows remote attackers to execute arbitrary code by injecting a -launcher option via a cai:…

  • CVE-2012-0191Jun 22, 2012
    risk 0.00cvss epss 0.01

    The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not properly perform access control for requests, which allows remote attackers to spoof a localhost request origin via crafted headers.

  • CVE-2012-0187Jun 22, 2012
    risk 0.00cvss epss 0.02

    Untrusted search path vulnerability in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows local users to gain privileges via a Trojan horse DLL in the current working directory.

  • CVE-2012-0186Jun 22, 2012
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in the Eclipse Help component in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows remote attackers to discover the locations of files via a crafted URL.