Vulnerabilities for Client application access (...) - CXSECURITY.COM

Vulnerabilities for 'Client application access'

2018-02-19

CVE-2018-1411

CWE-noinfo

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138710.

CVE-2018-1410

CWE-noinfo

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138709.

CVE-2018-1409

CWE-noinfo

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138708.

2018-02-13

CVE-2017-1720

CWE-77

IBM Notes 8.5 and 9.0 could allow a local attacker to execute arbitrary commands by carefully crafting a command line sent via the shared memory IPC. IBM X-Force ID: 134807.

CVE-2017-1714

CWE-noinfo

IBM Notes and Domino NSD 8.5 and 9.0 could allow an authenticated local user without administrative privileges to gain System privilege. IBM X-Force ID: 134633.

CVE-2017-1711

CWE-426

IBM iNotes 8.5 and 9.0 SUService can be misguided into running malicious code from a DLL masquerading as a windows DLL in the temp directory. IBM X-Force ID: 134532.

2017-02-08

CVE-2016-0270

CWE-200

IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1, when using TLS and AES GCM, uses random nonce generation, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack." NOTE: this CVE has been incorrectly used for GCM nonce reuse issues in other products; see CVE-2016-10213 for the A10 issue, CVE-2016-10212 for the Radware issue, and CVE-2017-5933 for the Citrix issue.

>>> Vendor: IBM 1045 Products

Communications server

Lotus domino mail server

Lotus domino server

Aix enetwork firewall

Websphere application server

Tivoli opc tracker agent

Netfinity remote control

System data repository

Navio nc browser

Network station manager

Http server ssl module common

Tivoli management framework

Db2 universal database

Websphere plugin

Net.commerce hosting server

Websphere commerce suite

High availability cluster multiprocessing

Informix web datablade

Tivoli secureway policy director

Alphaworks tftp server

Secureway directory

Lotus domino r5

Visualage for java

Tivoli storage manager

Websphere caching proxy server

Secureway firewall

Aix parallel systems support programs

Lotus notes client

Lotus domino web server

Tivoli firewall toolbox

Internet security systems blackice defender

Websphere edge server caching proxy

Informix dynamic server

Informix extended parallel server

Parallel environment

Trading partner interchange

Tivoli directory server

Tivoli access manager for e-business

Tivoli access manager identity manager solution

Tivoli configuration manager

Tivoli configuration manager for atm

Websphere everyplace server

Hardware management console

Rational clearquest

Lotus domino enterprise server

Db2 content manager

Informix dynamic database server

Lotus domino inotes client

Tivoli business systems manager

Network appliance data ontap

Lotus domino web access

Inventory scout

Client security password manager

Informix client sdk

See all Products for Vendor IBM

Copyright 2024, cxsecurity.com