Vulnerabilites related to ibm - lotus_domino_web_server
CVE-2003-0179 (GCVE-0-2003-0179)
Vulnerability from cvelistv5
Published
2003-03-29 05:00
Modified
2024-08-08 01:43
Severity ?
CWE
  • n/a
Summary
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
References
http://marc.info/?l=bugtraq&m=104550335103136&w=2 mailing-list, x_refsource_BUGTRAQ
http://www-1.ibm.com/support/docview.wss?uid=swg21104543 x_refsource_CONFIRM
http://www.cert.org/advisories/CA-2003-11.html third-party-advisory, x_refsource_CERT
http://marc.info/?l=ntbugtraq&m=104558778131373&w=2 mailing-list, x_refsource_NTBUGTRAQ
http://www.securityfocus.com/bid/6872 vdb-entry, x_refsource_BID
http://www.kb.cert.org/vuls/id/571297 third-party-advisory, x_refsource_CERT-VN
http://marc.info/?l=ntbugtraq&m=104558778331387&w=2 mailing-list, x_refsource_NTBUGTRAQ
http://www.ciac.org/ciac/bulletins/n-065.shtml third-party-advisory, government-resource, x_refsource_CIAC
https://exchange.xforce.ibmcloud.com/vulnerabilities/11339 vdb-entry, x_refsource_XF
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html mailing-list, x_refsource_VULNWATCH
http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt x_refsource_MISC
http://marc.info/?l=bugtraq&m=104550124032513&w=2 mailing-list, x_refsource_BUGTRAQ
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:43:36.016Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20030217 Domino Advisories UPDATE",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
          },
          {
            "name": "CA-2003-11",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2003-11.html"
          },
          {
            "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
            "tags": [
              "mailing-list",
              "x_refsource_NTBUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
          },
          {
            "name": "6872",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/6872"
          },
          {
            "name": "VU#571297",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/571297"
          },
          {
            "name": "20030217 Domino Advisories UPDATE",
            "tags": [
              "mailing-list",
              "x_refsource_NTBUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
          },
          {
            "name": "N-065",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
          },
          {
            "name": "lotus-notes-activex-bo(11339)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
          },
          {
            "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
          },
          {
            "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-02-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20030217 Domino Advisories UPDATE",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
        },
        {
          "name": "CA-2003-11",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2003-11.html"
        },
        {
          "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
          "tags": [
            "mailing-list",
            "x_refsource_NTBUGTRAQ"
          ],
          "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
        },
        {
          "name": "6872",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/6872"
        },
        {
          "name": "VU#571297",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/571297"
        },
        {
          "name": "20030217 Domino Advisories UPDATE",
          "tags": [
            "mailing-list",
            "x_refsource_NTBUGTRAQ"
          ],
          "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
        },
        {
          "name": "N-065",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
        },
        {
          "name": "lotus-notes-activex-bo(11339)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
        },
        {
          "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
        },
        {
          "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0179",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20030217 Domino Advisories UPDATE",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
            },
            {
              "name": "CA-2003-11",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2003-11.html"
            },
            {
              "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
              "refsource": "NTBUGTRAQ",
              "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
            },
            {
              "name": "6872",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/6872"
            },
            {
              "name": "VU#571297",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/571297"
            },
            {
              "name": "20030217 Domino Advisories UPDATE",
              "refsource": "NTBUGTRAQ",
              "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
            },
            {
              "name": "N-065",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
            },
            {
              "name": "lotus-notes-activex-bo(11339)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
            },
            {
              "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
            },
            {
              "name": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt",
              "refsource": "MISC",
              "url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
            },
            {
              "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0179",
    "datePublished": "2003-03-29T05:00:00",
    "dateReserved": "2003-03-28T00:00:00",
    "dateUpdated": "2024-08-08T01:43:36.016Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-0067 (GCVE-0-2007-0067)
Vulnerability from cvelistv5
Published
2007-06-06 10:00
Modified
2024-08-07 12:03
Severity ?
CWE
  • n/a
Summary
Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files.
References
http://www.securityfocus.com/bid/24307 vdb-entry, x_refsource_BID
http://www-1.ibm.com/support/docview.wss?uid=swg21257251 x_refsource_CONFIRM
http://osvdb.org/35766 vdb-entry, x_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/34689 vdb-entry, x_refsource_XF
http://www.securitytracker.com/id?1018189 vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/25542 third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/2046 vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:03:36.973Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24307",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24307"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251"
          },
          {
            "name": "35766",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35766"
          },
          {
            "name": "domino-unspecified-dos(34689)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689"
          },
          {
            "name": "1018189",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018189"
          },
          {
            "name": "25542",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25542"
          },
          {
            "name": "ADV-2007-2046",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2046"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "24307",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24307"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251"
        },
        {
          "name": "35766",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35766"
        },
        {
          "name": "domino-unspecified-dos(34689)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689"
        },
        {
          "name": "1018189",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018189"
        },
        {
          "name": "25542",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25542"
        },
        {
          "name": "ADV-2007-2046",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2046"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-0067",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24307",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24307"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251"
            },
            {
              "name": "35766",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35766"
            },
            {
              "name": "domino-unspecified-dos(34689)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689"
            },
            {
              "name": "1018189",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018189"
            },
            {
              "name": "25542",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25542"
            },
            {
              "name": "ADV-2007-2046",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2046"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-0067",
    "datePublished": "2007-06-06T10:00:00",
    "dateReserved": "2007-01-04T00:00:00",
    "dateUpdated": "2024-08-07T12:03:36.973Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-2410 (GCVE-0-2008-2410)
Vulnerability from cvelistv5
Published
2008-05-22 10:00
Modified
2024-08-07 08:58
Severity ?
CWE
  • n/a
Summary
Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/42553 vdb-entry, x_refsource_XF
http://www.vupen.com/english/advisories/2008/1597 vdb-entry, x_refsource_VUPEN
http://www-1.ibm.com/support/docview.wss?uid=swg21303296 x_refsource_CONFIRM
http://secunia.com/advisories/30310 third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/30332 third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/29311 vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:58:02.307Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-lotusdomino-servlet-web-xss(42553)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42553"
          },
          {
            "name": "ADV-2008-1597",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1597"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296"
          },
          {
            "name": "30310",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30310"
          },
          {
            "name": "30332",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30332"
          },
          {
            "name": "29311",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29311"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-05-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ibm-lotusdomino-servlet-web-xss(42553)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42553"
        },
        {
          "name": "ADV-2008-1597",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1597"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296"
        },
        {
          "name": "30310",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30310"
        },
        {
          "name": "30332",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30332"
        },
        {
          "name": "29311",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29311"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2410",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-lotusdomino-servlet-web-xss(42553)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42553"
            },
            {
              "name": "ADV-2008-1597",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1597"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296"
            },
            {
              "name": "30310",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30310"
            },
            {
              "name": "30332",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30332"
            },
            {
              "name": "29311",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29311"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-2410",
    "datePublished": "2008-05-22T10:00:00",
    "dateReserved": "2008-05-22T00:00:00",
    "dateUpdated": "2024-08-07T08:58:02.307Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-0178 (GCVE-0-2003-0178)
Vulnerability from cvelistv5
Published
2003-03-29 05:00
Modified
2024-08-08 01:43
Severity ?
CWE
  • n/a
Summary
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation.
References
http://marc.info/?l=bugtraq&m=104550063431463&w=2 mailing-list, x_refsource_BUGTRAQ
http://www.kb.cert.org/vuls/id/772817 third-party-advisory, x_refsource_CERT-VN
http://marc.info/?l=bugtraq&m=104550335103136&w=2 mailing-list, x_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html mailing-list, x_refsource_VULNWATCH
http://marc.info/?l=bugtraq&m=104550063431461&w=2 mailing-list, x_refsource_BUGTRAQ
http://www.kb.cert.org/vuls/id/542873 third-party-advisory, x_refsource_CERT-VN
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html mailing-list, x_refsource_VULNWATCH
http://www.cert.org/advisories/CA-2003-11.html third-party-advisory, x_refsource_CERT
http://marc.info/?l=ntbugtraq&m=104558777531350&w=2 mailing-list, x_refsource_NTBUGTRAQ
http://marc.info/?l=ntbugtraq&m=104558777331345&w=2 mailing-list, x_refsource_NTBUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/11337 vdb-entry, x_refsource_XF
http://www.kb.cert.org/vuls/id/206361 third-party-advisory, x_refsource_CERT-VN
https://exchange.xforce.ibmcloud.com/vulnerabilities/11336 vdb-entry, x_refsource_XF
http://marc.info/?l=ntbugtraq&m=104558778331387&w=2 mailing-list, x_refsource_NTBUGTRAQ
http://www.securityfocus.com/bid/6870 vdb-entry, x_refsource_BID
http://www.ciac.org/ciac/bulletins/n-065.shtml third-party-advisory, government-resource, x_refsource_CIAC
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html mailing-list, x_refsource_VULNWATCH
http://www.nextgenss.com/advisories/lotus-hostlocbo.txt x_refsource_MISC
http://www.nextgenss.com/advisories/lotus-inotesoflow.txt x_refsource_MISC
http://www.securityfocus.com/bid/6871 vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:43:36.058Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104550063431463\u0026w=2"
          },
          {
            "name": "VU#772817",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/772817"
          },
          {
            "name": "20030217 Domino Advisories UPDATE",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
          },
          {
            "name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html"
          },
          {
            "name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104550063431461\u0026w=2"
          },
          {
            "name": "VU#542873",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/542873"
          },
          {
            "name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html"
          },
          {
            "name": "CA-2003-11",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2003-11.html"
          },
          {
            "name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
            "tags": [
              "mailing-list",
              "x_refsource_NTBUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=ntbugtraq\u0026m=104558777531350\u0026w=2"
          },
          {
            "name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
            "tags": [
              "mailing-list",
              "x_refsource_NTBUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=ntbugtraq\u0026m=104558777331345\u0026w=2"
          },
          {
            "name": "lotus-domino-hostname-bo(11337)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11337"
          },
          {
            "name": "VU#206361",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/206361"
          },
          {
            "name": "lotus-domino-inotes-bo(11336)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11336"
          },
          {
            "name": "20030217 Domino Advisories UPDATE",
            "tags": [
              "mailing-list",
              "x_refsource_NTBUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
          },
          {
            "name": "6870",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/6870"
          },
          {
            "name": "N-065",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
          },
          {
            "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt"
          },
          {
            "name": "6871",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/6871"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-02-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104550063431463\u0026w=2"
        },
        {
          "name": "VU#772817",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/772817"
        },
        {
          "name": "20030217 Domino Advisories UPDATE",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
        },
        {
          "name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html"
        },
        {
          "name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104550063431461\u0026w=2"
        },
        {
          "name": "VU#542873",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/542873"
        },
        {
          "name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html"
        },
        {
          "name": "CA-2003-11",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2003-11.html"
        },
        {
          "name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
          "tags": [
            "mailing-list",
            "x_refsource_NTBUGTRAQ"
          ],
          "url": "http://marc.info/?l=ntbugtraq\u0026m=104558777531350\u0026w=2"
        },
        {
          "name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
          "tags": [
            "mailing-list",
            "x_refsource_NTBUGTRAQ"
          ],
          "url": "http://marc.info/?l=ntbugtraq\u0026m=104558777331345\u0026w=2"
        },
        {
          "name": "lotus-domino-hostname-bo(11337)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11337"
        },
        {
          "name": "VU#206361",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/206361"
        },
        {
          "name": "lotus-domino-inotes-bo(11336)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11336"
        },
        {
          "name": "20030217 Domino Advisories UPDATE",
          "tags": [
            "mailing-list",
            "x_refsource_NTBUGTRAQ"
          ],
          "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
        },
        {
          "name": "6870",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/6870"
        },
        {
          "name": "N-065",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
        },
        {
          "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt"
        },
        {
          "name": "6871",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/6871"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0178",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104550063431463\u0026w=2"
            },
            {
              "name": "VU#772817",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/772817"
            },
            {
              "name": "20030217 Domino Advisories UPDATE",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
            },
            {
              "name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html"
            },
            {
              "name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104550063431461\u0026w=2"
            },
            {
              "name": "VU#542873",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/542873"
            },
            {
              "name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html"
            },
            {
              "name": "CA-2003-11",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2003-11.html"
            },
            {
              "name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
              "refsource": "NTBUGTRAQ",
              "url": "http://marc.info/?l=ntbugtraq\u0026m=104558777531350\u0026w=2"
            },
            {
              "name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
              "refsource": "NTBUGTRAQ",
              "url": "http://marc.info/?l=ntbugtraq\u0026m=104558777331345\u0026w=2"
            },
            {
              "name": "lotus-domino-hostname-bo(11337)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11337"
            },
            {
              "name": "VU#206361",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/206361"
            },
            {
              "name": "lotus-domino-inotes-bo(11336)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11336"
            },
            {
              "name": "20030217 Domino Advisories UPDATE",
              "refsource": "NTBUGTRAQ",
              "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
            },
            {
              "name": "6870",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/6870"
            },
            {
              "name": "N-065",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
            },
            {
              "name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
            },
            {
              "name": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt",
              "refsource": "MISC",
              "url": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt"
            },
            {
              "name": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt",
              "refsource": "MISC",
              "url": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt"
            },
            {
              "name": "6871",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/6871"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0178",
    "datePublished": "2003-03-29T05:00:00",
    "dateReserved": "2003-03-28T00:00:00",
    "dateUpdated": "2024-08-08T01:43:36.058Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-0181 (GCVE-0-2003-0181)
Vulnerability from cvelistv5
Published
2003-03-29 05:00
Modified
2024-08-08 01:43
Severity ?
CWE
  • n/a
Summary
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:43:36.024Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
          },
          {
            "name": "CA-2003-11",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2003-11.html"
          },
          {
            "name": "6951",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/6951"
          },
          {
            "name": "lotus-invalid-field-dos(11361)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
          },
          {
            "name": "20030218 More Lotus Domino Advisories",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-02-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a \"Fictionary Value Field POST request\" as demonstrated using the s_Validation form with a long, unknown parameter name."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
        },
        {
          "name": "CA-2003-11",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2003-11.html"
        },
        {
          "name": "6951",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/6951"
        },
        {
          "name": "lotus-invalid-field-dos(11361)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
        },
        {
          "name": "20030218 More Lotus Domino Advisories",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0181",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a \"Fictionary Value Field POST request\" as demonstrated using the s_Validation form with a long, unknown parameter name."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.nextgenss.com/advisories/lotus-60dos.txt",
              "refsource": "MISC",
              "url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
            },
            {
              "name": "CA-2003-11",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2003-11.html"
            },
            {
              "name": "6951",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/6951"
            },
            {
              "name": "lotus-invalid-field-dos(11361)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
            },
            {
              "name": "20030218 More Lotus Domino Advisories",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0181",
    "datePublished": "2003-03-29T05:00:00",
    "dateReserved": "2003-03-28T00:00:00",
    "dateUpdated": "2024-08-08T01:43:36.024Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2003-0180 (GCVE-0-2003-0180)
Vulnerability from cvelistv5
Published
2003-03-29 05:00
Modified
2024-08-08 01:43
Severity ?
CWE
  • n/a
Summary
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form.
References
http://www.nextgenss.com/advisories/lotus-60dos.txt x_refsource_MISC
http://www.cert.org/advisories/CA-2003-11.html third-party-advisory, x_refsource_CERT
https://exchange.xforce.ibmcloud.com/vulnerabilities/11360 vdb-entry, x_refsource_XF
http://www.securityfocus.com/bid/6951 vdb-entry, x_refsource_BID
http://www-1.ibm.com/support/docview.wss?uid=swg21104528 x_refsource_CONFIRM
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html mailing-list, x_refsource_VULNWATCH
http://www.ciac.org/ciac/bulletins/n-065.shtml third-party-advisory, government-resource, x_refsource_CIAC
http://www.kb.cert.org/vuls/id/355169 third-party-advisory, x_refsource_CERT-VN
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:43:36.020Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
          },
          {
            "name": "CA-2003-11",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.cert.org/advisories/CA-2003-11.html"
          },
          {
            "name": "lotus-incomplete-post-dos(11360)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11360"
          },
          {
            "name": "6951",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/6951"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
          },
          {
            "name": "20030218 More Lotus Domino Advisories",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
          },
          {
            "name": "N-065",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
          },
          {
            "name": "VU#355169",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/355169"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-02-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
        },
        {
          "name": "CA-2003-11",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.cert.org/advisories/CA-2003-11.html"
        },
        {
          "name": "lotus-incomplete-post-dos(11360)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11360"
        },
        {
          "name": "6951",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/6951"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
        },
        {
          "name": "20030218 More Lotus Domino Advisories",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
        },
        {
          "name": "N-065",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
        },
        {
          "name": "VU#355169",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/355169"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0180",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.nextgenss.com/advisories/lotus-60dos.txt",
              "refsource": "MISC",
              "url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
            },
            {
              "name": "CA-2003-11",
              "refsource": "CERT",
              "url": "http://www.cert.org/advisories/CA-2003-11.html"
            },
            {
              "name": "lotus-incomplete-post-dos(11360)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11360"
            },
            {
              "name": "6951",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/6951"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
            },
            {
              "name": "20030218 More Lotus Domino Advisories",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
            },
            {
              "name": "N-065",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
            },
            {
              "name": "VU#355169",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/355169"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0180",
    "datePublished": "2003-03-29T05:00:00",
    "dateReserved": "2003-03-28T00:00:00",
    "dateUpdated": "2024-08-08T01:43:36.020Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2008-05-22 13:09
Modified
2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
References
cve@mitre.orghttp://secunia.com/advisories/30310Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/30332Vendor Advisory
cve@mitre.orghttp://www-1.ibm.com/support/docview.wss?uid=swg21303296
cve@mitre.orghttp://www.securityfocus.com/bid/29311
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/1597
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/42553
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30310Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30332Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-1.ibm.com/support/docview.wss?uid=swg21303296
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/29311
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/1597
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/42553
Impacted products
Vendor Product Version
ibm lotus_domino_web_server *
ibm lotus_domino_web_server 7.0
ibm lotus_domino_web_server 7.0.1
ibm lotus_domino_web_server 7.0.2
ibm lotus_domino_web_server 7.0.3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC0B5C12-70BE-461B-9C58-E013BCA05D4B",
              "versionEndIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB51B8A-58CF-4F26-B1D3-9C572658EE03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F86B710-6F83-4145-BABD-A742C0BB88A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E23B4E9-2AF5-407F-87AE-4F49F78B07A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E344283F-CC85-424D-B19D-A41366937653",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en el motor de servlets y el contenedor Web en el servicio  Web Server de IBM Lotus Domino anterior a 7.0.3 FP1 y 8.x anterior al 8.0.1, permite a usuarios autenticados remotamente inyectar secuencias de comandos web y HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2008-2410",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-05-22T13:09:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30310"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30332"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29311"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1597"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42553"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30310"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1597"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42553"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2007-06-06 10:30
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files.
References
cve@mitre.orghttp://osvdb.org/35766
cve@mitre.orghttp://secunia.com/advisories/25542Patch, Vendor Advisory
cve@mitre.orghttp://www-1.ibm.com/support/docview.wss?uid=swg21257251Patch
cve@mitre.orghttp://www.securityfocus.com/bid/24307Patch
cve@mitre.orghttp://www.securitytracker.com/id?1018189
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/2046
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/34689
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/35766
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/25542Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-1.ibm.com/support/docview.wss?uid=swg21257251Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/24307Patch
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1018189
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/2046
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/34689
Impacted products
Vendor Product Version
ibm lotus_domino_web_server 6.0
ibm lotus_domino_web_server 6.0.1
ibm lotus_domino_web_server 6.0.2
ibm lotus_domino_web_server 6.0.2_cf2
ibm lotus_domino_web_server 6.0.3
ibm lotus_domino_web_server 6.0.4
ibm lotus_domino_web_server 6.0.5
ibm lotus_domino_web_server 6.5.0
ibm lotus_domino_web_server 6.5.1
ibm lotus_domino_web_server 6.5.2
ibm lotus_domino_web_server 6.5.3
ibm lotus_domino_web_server 6.5.4
ibm lotus_domino_web_server 6.5.4
ibm lotus_domino_web_server 6.5.4
ibm lotus_domino_web_server 6.5.5
ibm lotus_domino_web_server 6.5.5
ibm lotus_domino_web_server 6.5.5
ibm lotus_domino_web_server 7.0
ibm lotus_domino_web_server 7.0.1
ibm lotus_domino_web_server 7.0.2
ibm lotus_domino_web_server 7.0.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C637A6-CD7E-4E88-B994-5A5139EE91C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF5C4AD-612C-4091-8918-B38B4EE5D5F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF760480-18AF-428F-B23E-F42DDF2DD1A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0.2_cf2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A350D46-B6FB-4809-8C88-9CF2987ACB96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD9306C-F17B-4993-B2D2-D15A9DE3820F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "38B2C269-DFB3-4BDF-A2E1-CD9D8E374BE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "95796BC8-2429-424F-909E-6D59FEB06890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E99D4C46-D536-4DEE-9990-782EE1D00411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB05440A-968C-4F87-8AE8-D626BD41D466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0FAB376-B902-43A4-B7E7-83740ECB589F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B61C8BC2-50D4-4CD1-9B59-217B09A1C27C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "847B7E87-A1B4-484A-9796-D704658DA7B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.5.4:*:fp1:*:*:*:*:*",
              "matchCriteriaId": "1B4097C6-ABB9-4CC8-97D7-D1E758D43A84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.5.4:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "B450E061-8424-48F8-BC9C-E8941D6D488B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F72E51C3-16D7-4B7B-B92B-CEEA4D2EB029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.5.5:*:fp1:*:*:*:*:*",
              "matchCriteriaId": "AFABB21B-E42F-4229-82BB-7C174CD7BBDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.5.5:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "2D5B7B0F-08E2-4AAF-BBC8-59B42E2E8E2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB51B8A-58CF-4F26-B1D3-9C572658EE03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F86B710-6F83-4145-BABD-A742C0BB88A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E23B4E9-2AF5-407F-87AE-4F49F78B07A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:7.0.2:*:fp1:*:*:*:*:*",
              "matchCriteriaId": "63C63D06-7F19-4C43-8595-851F9A422570",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en en el servidor web de Lotus Domino 6.0, 6.5.x anterior a 6.5.6, y 7.0.x anterior a 7.0.3 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) mediante peticiones de URLs que referencian determinados archivos."
    }
  ],
  "id": "CVE-2007-0067",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-06-06T10:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/35766"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25542"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/24307"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018189"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2046"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/35766"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25542"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/24307"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-04-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html
cve@mitre.orghttp://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html
cve@mitre.orghttp://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html
cve@mitre.orghttp://marc.info/?l=bugtraq&m=104550063431461&w=2
cve@mitre.orghttp://marc.info/?l=bugtraq&m=104550063431463&w=2
cve@mitre.orghttp://marc.info/?l=bugtraq&m=104550335103136&w=2
cve@mitre.orghttp://marc.info/?l=ntbugtraq&m=104558777331345&w=2
cve@mitre.orghttp://marc.info/?l=ntbugtraq&m=104558777531350&w=2
cve@mitre.orghttp://marc.info/?l=ntbugtraq&m=104558778331387&w=2
cve@mitre.orghttp://www.cert.org/advisories/CA-2003-11.htmlUS Government Resource
cve@mitre.orghttp://www.ciac.org/ciac/bulletins/n-065.shtml
cve@mitre.orghttp://www.kb.cert.org/vuls/id/206361US Government Resource
cve@mitre.orghttp://www.kb.cert.org/vuls/id/542873US Government Resource
cve@mitre.orghttp://www.kb.cert.org/vuls/id/772817Patch, Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.nextgenss.com/advisories/lotus-hostlocbo.txt
cve@mitre.orghttp://www.nextgenss.com/advisories/lotus-inotesoflow.txt
cve@mitre.orghttp://www.securityfocus.com/bid/6870
cve@mitre.orghttp://www.securityfocus.com/bid/6871Patch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/11336
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/11337
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=104550063431461&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=104550063431463&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=104550335103136&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=ntbugtraq&m=104558777331345&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=ntbugtraq&m=104558777531350&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=ntbugtraq&m=104558778331387&w=2
af854a3a-2127-422b-91ae-364da2661108http://www.cert.org/advisories/CA-2003-11.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.ciac.org/ciac/bulletins/n-065.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/206361US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/542873US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/772817Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.nextgenss.com/advisories/lotus-hostlocbo.txt
af854a3a-2127-422b-91ae-364da2661108http://www.nextgenss.com/advisories/lotus-inotesoflow.txt
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/6870
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/6871Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/11336
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/11337
Impacted products
Vendor Product Version
ibm lotus_domino_web_server 6.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C637A6-CD7E-4E88-B994-5A5139EE91C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation."
    },
    {
      "lang": "es",
      "value": "Multiples desbordamiento de b\u00fafer en Lotus Domino Web Server anteriores a la 6.0.1 permiten a atacantes remotos causar Denegaci\u00f3n de Servicios o la ejecuci\u00f3n de c\u00f3digo arbitrario mediante:\r\n\r\nla opci\u00f3n s_ViewName en el par\u00e1metro PresetFields de iNotes\r\nla opci\u00f3n Foldername en el par\u00e1metro PresetFields de iNotes\r\nuna cabecera Host larga, insertada en una cabecera de Localizaci\u00f3n larga y utilizada durante una operaci\u00f3n de redirecci\u00f3n."
    }
  ],
  "id": "CVE-2003-0178",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-04-02T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104550063431461\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104550063431463\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=ntbugtraq\u0026m=104558777331345\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=ntbugtraq\u0026m=104558777531350\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-11.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/206361"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/542873"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/772817"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/6870"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/6871"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11336"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11337"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104550063431461\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104550063431463\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=ntbugtraq\u0026m=104558777331345\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=ntbugtraq\u0026m=104558777531350\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-11.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/206361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/542873"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/772817"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/6870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/6871"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11337"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-04-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html
cve@mitre.orghttp://marc.info/?l=bugtraq&m=104550124032513&w=2
cve@mitre.orghttp://marc.info/?l=bugtraq&m=104550335103136&w=2
cve@mitre.orghttp://marc.info/?l=ntbugtraq&m=104558778131373&w=2
cve@mitre.orghttp://marc.info/?l=ntbugtraq&m=104558778331387&w=2
cve@mitre.orghttp://www-1.ibm.com/support/docview.wss?uid=swg21104543
cve@mitre.orghttp://www.cert.org/advisories/CA-2003-11.htmlUS Government Resource
cve@mitre.orghttp://www.ciac.org/ciac/bulletins/n-065.shtml
cve@mitre.orghttp://www.kb.cert.org/vuls/id/571297Patch, Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt
cve@mitre.orghttp://www.securityfocus.com/bid/6872Patch, Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/11339
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=104550124032513&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=104550335103136&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=ntbugtraq&m=104558778131373&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=ntbugtraq&m=104558778331387&w=2
af854a3a-2127-422b-91ae-364da2661108http://www-1.ibm.com/support/docview.wss?uid=swg21104543
af854a3a-2127-422b-91ae-364da2661108http://www.cert.org/advisories/CA-2003-11.htmlUS Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.ciac.org/ciac/bulletins/n-065.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/571297Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/6872Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/11339
Impacted products
Vendor Product Version
ibm lotus_domino_web_server 6.0
ibm lotus_notes_client 6.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C637A6-CD7E-4E88-B994-5A5139EE91C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_client:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "65BA8CED-47B7-4F45-BFCD-0BB7968D3384",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en el manejador de control de objetos COM para Lotus Domino 6.0.1 y versiones anteriores, permite a atacantes remotos la ejecuci\u00f3n de c\u00f3digo arbitrario mediante vectores de ataque m\u00faltiple, como se demuestra utilizando el m\u00e9todo InitializeUsingNotesUserName en el control ActiveX de iNotes."
    }
  ],
  "id": "CVE-2003-0179",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-04-02T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-11.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/571297"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/6872"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-11.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/571297"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/6872"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-04-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html
cve@mitre.orghttp://www-1.ibm.com/support/docview.wss?uid=swg21104528
cve@mitre.orghttp://www.cert.org/advisories/CA-2003-11.htmlPatch, Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.ciac.org/ciac/bulletins/n-065.shtml
cve@mitre.orghttp://www.kb.cert.org/vuls/id/355169Patch, Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.nextgenss.com/advisories/lotus-60dos.txtExploit, Patch, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/6951
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/11360
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html
af854a3a-2127-422b-91ae-364da2661108http://www-1.ibm.com/support/docview.wss?uid=swg21104528
af854a3a-2127-422b-91ae-364da2661108http://www.cert.org/advisories/CA-2003-11.htmlPatch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.ciac.org/ciac/bulletins/n-065.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/355169Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.nextgenss.com/advisories/lotus-60dos.txtExploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/6951
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/11360
Impacted products
Vendor Product Version
ibm lotus_domino_web_server 6.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C637A6-CD7E-4E88-B994-5A5139EE91C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form."
    },
    {
      "lang": "es",
      "value": "Lotus Domino Web Server (nhttp.exe) anteriores a la 6.0.1 permite a atacantes remotos causar la Denegaci\u00f3n de Servicios mediante una petici\u00f3n POST incompleta, como se demuestra utilizando el formulario h_PageUI."
    }
  ],
  "id": "CVE-2003-0180",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-04-02T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-11.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/355169"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/6951"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11360"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-11.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/355169"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/6951"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11360"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-04-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html
cve@mitre.orghttp://www-1.ibm.com/support/docview.wss?uid=swg21104528
cve@mitre.orghttp://www.cert.org/advisories/CA-2003-11.htmlPatch, Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.nextgenss.com/advisories/lotus-60dos.txtExploit, Patch, Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/6951
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/11361
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html
af854a3a-2127-422b-91ae-364da2661108http://www-1.ibm.com/support/docview.wss?uid=swg21104528
af854a3a-2127-422b-91ae-364da2661108http://www.cert.org/advisories/CA-2003-11.htmlPatch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.nextgenss.com/advisories/lotus-60dos.txtExploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/6951
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/11361
Impacted products
Vendor Product Version
ibm lotus_domino_web_server 6.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C637A6-CD7E-4E88-B994-5A5139EE91C1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a \"Fictionary Value Field POST request\" as demonstrated using the s_Validation form with a long, unknown parameter name."
    }
  ],
  "id": "CVE-2003-0181",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-04-02T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-11.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/6951"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.cert.org/advisories/CA-2003-11.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/6951"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}