VYPR

Lotus Domino

by IBM

CVEs (132)

  • CVE-2006-4843Mar 29, 2007
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the Active Content Filter feature in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified "code sequences" that bypass the protection scheme.

  • CVE-2007-1739Mar 28, 2007
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory…

  • CVE-2006-5818Nov 8, 2006
    risk 0.00cvss epss 0.00

    Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before 6.5.5 FP2 and 7.x before 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors.

  • CVE-2006-0580Feb 8, 2006
    risk 0.00cvss epss 0.03

    IBM Lotus Domino Server 7.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted packet to the LDAP port (389/TCP).

  • CVE-2006-0119Jan 9, 2006
    risk 0.00cvss epss 0.04

    Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to "potential security issues" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4)…

  • CVE-2006-0120Jan 9, 2006
    risk 0.00cvss epss 0.02

    Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an "Out Of Office" agent (SPR LPEE6DMQWJ), (2) the compact…

  • CVE-2006-0121Jan 9, 2006
    risk 0.00cvss epss 0.02

    Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the…

  • CVE-2006-0118Jan 9, 2006
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in IBM Lotus Notes and Domino Server before 6.5.5, when running on AIX, allows attackers to cause a denial of service (deep recursion leading to stack overflow and crash) via long formulas.

  • CVE-2006-0117Jan 9, 2006
    risk 0.00cvss epss 0.02

    Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving "CD to MIME Conversion".

  • CVE-2005-2712Dec 31, 2005
    risk 0.00cvss epss 0.03

    The LDAP server (nldap.exe) in IBM Lotus Domino before 7.0.1, 6.5.5, and 6.5.4 FP2 allows remote attackers to cause a denial of service (crash) via a long bind request, which triggers a null dereference.

  • CVE-2005-4819Dec 31, 2005
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

  • CVE-2005-3015Sep 21, 2005
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters.

  • CVE-2005-1441May 3, 2005
    risk 0.00cvss epss 0.02

    Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4 allows remote attackers to cause a denial of service via the Notes protocol (NRPC).

  • CVE-2005-1405May 3, 2005
    risk 0.00cvss epss 0.00

    HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications.

  • CVE-2005-1101May 2, 2005
    risk 0.00cvss epss 0.03

    Multiple buffer overflows in Lotus Domino Server 6.0.5 and 6.5.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via large amounts of data in certain (1) time or (2) date fields.

  • CVE-2004-2369Dec 31, 2004
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command.

  • CVE-2004-2667Dec 31, 2004
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

  • CVE-2004-0669Aug 6, 2004
    risk 0.00cvss epss 0.02

    Lotus Domino 6.5.0 and 6.5.1, with IMAP enabled, allows remote authenticated users to change their quota by using the IMAP setquota command.

  • CVE-2004-0029Jan 20, 2004
    risk 0.00cvss epss 0.00

    Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allows local users to modify the Notes configuration and gain privileges.

  • CVE-2003-0123Mar 18, 2003
    risk 0.00cvss epss 0.03

    Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.

Page 6 of 7