IBM » Lotus Expeditor : Security Vulnerabilities, CVEs,
The web container in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack does not properly perform access control for requests, which allows remote attackers to spoof a localhost request origin via crafted headers.
Max CVSS
5.0
EPSS Score
0.16%
Published
2012-06-22
Updated
2017-08-29
Untrusted search path vulnerability in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Max CVSS
9.3
EPSS Score
0.07%
Published
2012-06-22
Updated
2017-08-29
Directory traversal vulnerability in the Eclipse Help component in IBM Lotus Expeditor 6.1.x and 6.2.x before 6.2 FP5+Security Pack allows remote attackers to discover the locations of files via a crafted URL.
Max CVSS
4.3
EPSS Score
0.29%
Published
2012-06-22
Updated
2017-08-29
3 vulnerabilities found