Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Lotus_domino
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 88 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2004-12-31 | CVE-2004-2311 | Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog. | Lotus_domino | N/A | ||
| 2004-12-31 | CVE-2004-2310 | Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows remote attackers to inject arbitrary web script or HTML via a Domino command in the Quick Console. | Lotus_domino | N/A | ||
| 2004-08-06 | CVE-2004-0669 | Lotus Domino 6.5.0 and 6.5.1, with IMAP enabled, allows remote authenticated users to change their quota by using the IMAP setquota command. | Lotus_domino | N/A | ||
| 2004-08-06 | CVE-2004-0668 | Web Access in Lotus Domino 6.5.1 allows remote attackers to cause a denial of service (server crash) via a large e-mail message, as demonstrated using a large image attachment. | Lotus_domino | N/A | ||
| 2003-03-18 | CVE-2003-0123 | Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line. | Lotus_domino, Lotus_notes_client | N/A | ||
| 2003-03-18 | CVE-2003-0122 | Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field. | Lotus_domino, Lotus_notes_client | N/A | ||
| 2002-12-31 | CVE-2002-2014 | Lotus Domino 5.0.8 web server returns different error messages when a valid or invalid user is provided in HTTP requests, which allows remote attackers to determine valid user names and makes it easier to conduct brute force attacks. | Lotus_domino | N/A | ||
| 2002-12-31 | CVE-2002-1624 | Buffer overflow in Lotus Domino web server before R5.0.10, when logging to DOMLOG.NSF, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP Authenticate header containing certain non-ASCII characters. | Lotus_domino | N/A | ||
| 2002-03-15 | CVE-2002-0086 | Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable. | Lotus_domino | N/A | ||
| 2001-12-31 | CVE-2001-1567 | Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of "+" characters before the .nsf file extension, which are converted to spaces by Domino. | Lotus_domino, Lotus_domino_server | N/A |