Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Lotus_domino
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 88 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2006-01-09 | CVE-2006-0117 | Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving "CD to MIME Conversion". | Lotus_domino, Lotus_domino_enterprise_server, Lotus_notes | N/A | ||
| 2005-12-31 | CVE-2005-4819 | Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | Lotus_domino | N/A | ||
| 2005-09-21 | CVE-2005-3015 | Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters. | Lotus_domino, Lotus_domino_enterprise_server | N/A | ||
| 2005-12-31 | CVE-2005-2712 | The LDAP server (nldap.exe) in IBM Lotus Domino before 7.0.1, 6.5.5, and 6.5.4 FP2 allows remote attackers to cause a denial of service (crash) via a long bind request, which triggers a null dereference. | Lotus_domino | N/A | ||
| 2005-08-03 | CVE-2005-2428 | Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password change date in the HTTPPasswordChangeDate field, (3) the client platform in the ClntPltfrm field, (4) the client machine name in the ClntMachine field, and (5) the client Lotus Domino release in the... | Lotus_domino | N/A | ||
| 2005-05-03 | CVE-2005-1441 | Format string vulnerability in Lotus Domino 6.0.x before 6.0.5 and 6.5.x before 6.5.4 allows remote attackers to cause a denial of service via the Notes protocol (NRPC). | Lotus_domino | N/A | ||
| 2004-12-31 | CVE-2004-2667 | Cross-site scripting (XSS) vulnerability in Lotus Domino 6.0.x before 6.0.4 and 6.5.x before 6.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | Lotus_domino | N/A | ||
| 2004-12-31 | CVE-2004-2369 | Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. (dot dot) in the directory creation command. | Lotus_domino | N/A | ||
| 2004-12-31 | CVE-2004-2311 | Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog. | Lotus_domino | N/A | ||
| 2004-12-31 | CVE-2004-2310 | Cross-site scripting (XSS) vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows remote attackers to inject arbitrary web script or HTML via a Domino command in the Quick Console. | Lotus_domino | N/A |