All the vulnerabilites related to ibm - lotus_notes_client
cve-2003-0179
Vulnerability from cvelistv5
Published
2003-03-29 05:00
Modified
2024-08-08 01:43
Severity ?
EPSS score ?
Summary
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
},
{
"name": "6872",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6872"
},
{
"name": "VU#571297",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/571297"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-notes-activex-bo(11339)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
},
{
"name": "6872",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6872"
},
{
"name": "VU#571297",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/571297"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-notes-activex-bo(11339)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0179",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030217 Domino Advisories UPDATE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
},
{
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
},
{
"name": "6872",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6872"
},
{
"name": "VU#571297",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/571297"
},
{
"name": "20030217 Domino Advisories UPDATE",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "N-065",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-notes-activex-bo(11339)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"name": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0179",
"datePublished": "2003-03-29T05:00:00",
"dateReserved": "2003-03-28T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-0123
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 01:43
Severity ?
EPSS score ?
Summary
Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cert.org/advisories/CA-2003-11.html | third-party-advisory, x_refsource_CERT | |
| http://www.ciac.org/ciac/bulletins/n-065.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
| http://marc.info/?l=bugtraq&m=104757545500368&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/7038 | vdb-entry, x_refsource_BID | |
| http://www.rapid7.com/advisories/R7-0011.html | x_refsource_MISC | |
| http://www.kb.cert.org/vuls/id/411489 | third-party-advisory, x_refsource_CERT-VN | |
| http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105060 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11525 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "20030313 R7-0011: Lotus Notes/Domino Web Retriever HTTP Status Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104757545500368\u0026w=2"
},
{
"name": "7038",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7038"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rapid7.com/advisories/R7-0011.html"
},
{
"name": "VU#411489",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/411489"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105060"
},
{
"name": "lotus-web-retriever-bo(11525)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11525"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "20030313 R7-0011: Lotus Notes/Domino Web Retriever HTTP Status Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104757545500368\u0026w=2"
},
{
"name": "7038",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7038"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rapid7.com/advisories/R7-0011.html"
},
{
"name": "VU#411489",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/411489"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105060"
},
{
"name": "lotus-web-retriever-bo(11525)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11525"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0123",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "N-065",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "20030313 R7-0011: Lotus Notes/Domino Web Retriever HTTP Status Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104757545500368\u0026w=2"
},
{
"name": "7038",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7038"
},
{
"name": "http://www.rapid7.com/advisories/R7-0011.html",
"refsource": "MISC",
"url": "http://www.rapid7.com/advisories/R7-0011.html"
},
{
"name": "VU#411489",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/411489"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105060",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105060"
},
{
"name": "lotus-web-retriever-bo(11525)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11525"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0123",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-03-10T00:00:00",
"dateUpdated": "2024-08-08T01:43:35.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-0122
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 01:43
Severity ?
EPSS score ?
Summary
Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cert.org/advisories/CA-2003-11.html | third-party-advisory, x_refsource_CERT | |
| http://www.ciac.org/ciac/bulletins/n-065.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11526 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0125.html | mailing-list, x_refsource_VULNWATCH | |
| http://www.rapid7.com/advisories/R7-0010.html | x_refsource_MISC | |
| http://www.kb.cert.org/vuls/id/433489 | third-party-advisory, x_refsource_CERT-VN | |
| http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105101 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/7037 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=104757319829443&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:35.413Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-nrpc-bo(11526)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11526"
},
{
"name": "20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0125.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rapid7.com/advisories/R7-0010.html"
},
{
"name": "VU#433489",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/433489"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105101"
},
{
"name": "7037",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7037"
},
{
"name": "20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104757319829443\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-nrpc-bo(11526)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11526"
},
{
"name": "20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0125.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rapid7.com/advisories/R7-0010.html"
},
{
"name": "VU#433489",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/433489"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105101"
},
{
"name": "7037",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7037"
},
{
"name": "20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104757319829443\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0122",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "N-065",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-nrpc-bo(11526)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11526"
},
{
"name": "20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0125.html"
},
{
"name": "http://www.rapid7.com/advisories/R7-0010.html",
"refsource": "MISC",
"url": "http://www.rapid7.com/advisories/R7-0010.html"
},
{
"name": "VU#433489",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/433489"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105101",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105101"
},
{
"name": "7037",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7037"
},
{
"name": "20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104757319829443\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0122",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-03-10T00:00:00",
"dateUpdated": "2024-08-08T01:43:35.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2003-04-02 05:00
Modified
2024-11-20 23:44
Severity ?
Summary
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_domino_web_server | 6.0 | |
| ibm | lotus_notes_client | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino_web_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C637A6-CD7E-4E88-B994-5A5139EE91C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "65BA8CED-47B7-4F45-BFCD-0BB7968D3384",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el manejador de control de objetos COM para Lotus Domino 6.0.1 y versiones anteriores, permite a atacantes remotos la ejecuci\u00f3n de c\u00f3digo arbitrario mediante vectores de ataque m\u00faltiple, como se demuestra utilizando el m\u00e9todo InitializeUsingNotesUserName en el control ActiveX de iNotes."
}
],
"id": "CVE-2003-0179",
"lastModified": "2024-11-20T23:44:09.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-04-02T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/571297"
},
{
"source": "cve@mitre.org",
"url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6872"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/571297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-03-18 05:00
Modified
2024-11-20 23:44
Severity ?
Summary
Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_domino | 4.6.1 | |
| ibm | lotus_domino | 4.6.3 | |
| ibm | lotus_domino | 4.6.4 | |
| ibm | lotus_domino | 5.0 | |
| ibm | lotus_domino | 5.0.1 | |
| ibm | lotus_domino | 5.0.2 | |
| ibm | lotus_domino | 5.0.3 | |
| ibm | lotus_domino | 5.0.4 | |
| ibm | lotus_domino | 5.0.4a | |
| ibm | lotus_domino | 5.0.5 | |
| ibm | lotus_domino | 5.0.6 | |
| ibm | lotus_domino | 5.0.6a | |
| ibm | lotus_domino | 5.0.7 | |
| ibm | lotus_domino | 5.0.7a | |
| ibm | lotus_domino | 5.0.8 | |
| ibm | lotus_domino | 5.0.8a | |
| ibm | lotus_domino | 5.0.9 | |
| ibm | lotus_domino | 5.0.9a | |
| ibm | lotus_domino | 5.0.10 | |
| ibm | lotus_domino | 5.0.11 | |
| ibm | lotus_notes_client | 5.0 | |
| ibm | lotus_notes_client | 5.0.1 | |
| ibm | lotus_notes_client | 5.0.2 | |
| ibm | lotus_notes_client | 5.0.3 | |
| ibm | lotus_notes_client | 5.0.4 | |
| ibm | lotus_notes_client | 5.0.5 | |
| ibm | lotus_notes_client | 5.0.9a | |
| ibm | lotus_notes_client | 5.0.10 | |
| ibm | lotus_notes_client | 5.0.11 | |
| ibm | lotus_notes_client | r5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "51C33E15-C92F-4F22-9593-EFFE9F033730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5C91500D-E91E-4776-9F51-34E7EBB8F031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:4.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F5441972-4038-4845-9B35-EF35C0053EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3264F8E8-C40A-4C5C-BF2C-BD4690FE7EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF9513C4-3F02-4C32-AD91-C4A5941A5A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E570AFE6-CEAF-4F6F-81D3-CFFAAA8D5109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6B527E-B1FE-41A3-A274-7BE2E893E6AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "92B419CE-813B-42AA-9E06-2059F7DEE669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "197E7E1C-D545-46FB-890F-B92AB9DA2B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "986B8670-2341-474D-8477-47627DF1ED02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "908E6F9A-FCE7-48C2-A307-057536944313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "400521B9-F617-44A5-AF59-3D8DAE78067A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "00D21AF1-5802-41DA-8812-43B251D55CE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "78DCE051-78E2-4F35-9598-98C19110ECE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A80A1E8B-43C8-449F-9B16-01F30D23E3D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E9D813-6EDD-48A0-9A2D-E08207F25AB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F49E352F-35C5-4C9A-9B3D-C8C6FC128B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.9a:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2A846C-20EC-41A6-BF4C-8FB84C45CEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0761E0-E899-413E-97CF-23BDA9395B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8471D114-204C-4B44-B0BE-C86226D8A5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16FA46F1-4A78-4091-8498-8D4C4F946A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF03B36-AEE4-4A40-B7B6-4EAB2552C1E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6FD2E2-5454-4054-9482-93D698AA1840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E2E4D7A-ACD2-482D-B3E4-FFEA47040E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D185EB-F565-4D06-949F-27B44267E2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "006538A8-3D1F-405F-A493-A2DF0693D190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.9a:*:*:*:*:*:*:*",
"matchCriteriaId": "386C3C61-940D-4DCA-BB08-D47924759DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F7987AAB-0035-4BFB-A4E9-E56D19BB7774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3306F4C6-1D42-47A9-9286-F05F15DC971F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:r5:*:*:*:*:*:*:*",
"matchCriteriaId": "49557BEE-0FED-4F45-89C3-5DCBD2C7851D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el cliente Web Retriever de Lotus Notes/Domino R4.5 a R.6 permite a servidores web remotos maliciosos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante una l\u00ednea de estado HTTP larga."
}
],
"id": "CVE-2003-0123",
"lastModified": "2024-11-20T23:44:00.777",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104757545500368\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105060"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/411489"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "http://www.rapid7.com/advisories/R7-0011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/7038"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104757545500368\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/411489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://www.rapid7.com/advisories/R7-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/7038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11525"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-03-18 05:00
Modified
2024-11-20 23:44
Severity ?
Summary
Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_domino | 4.6.1 | |
| ibm | lotus_domino | 4.6.3 | |
| ibm | lotus_domino | 4.6.4 | |
| ibm | lotus_domino | 5.0 | |
| ibm | lotus_domino | 5.0.1 | |
| ibm | lotus_domino | 5.0.2 | |
| ibm | lotus_domino | 5.0.3 | |
| ibm | lotus_domino | 5.0.4 | |
| ibm | lotus_domino | 5.0.4a | |
| ibm | lotus_domino | 5.0.5 | |
| ibm | lotus_domino | 5.0.6 | |
| ibm | lotus_domino | 5.0.6a | |
| ibm | lotus_domino | 5.0.7a | |
| ibm | lotus_domino | 5.0.8 | |
| ibm | lotus_domino | 5.0.8a | |
| ibm | lotus_domino | 5.0.9 | |
| ibm | lotus_domino | 5.0.9a | |
| ibm | lotus_domino | 5.0.10 | |
| ibm | lotus_domino | 5.0.11 | |
| ibm | lotus_notes_client | 5.0 | |
| ibm | lotus_notes_client | 5.0.1 | |
| ibm | lotus_notes_client | 5.0.2 | |
| ibm | lotus_notes_client | 5.0.3 | |
| ibm | lotus_notes_client | 5.0.4 | |
| ibm | lotus_notes_client | 5.0.5 | |
| ibm | lotus_notes_client | 5.0.9a | |
| ibm | lotus_notes_client | 5.0.10 | |
| ibm | lotus_notes_client | 5.0.11 | |
| ibm | lotus_notes_client | r5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "51C33E15-C92F-4F22-9593-EFFE9F033730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5C91500D-E91E-4776-9F51-34E7EBB8F031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:4.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F5441972-4038-4845-9B35-EF35C0053EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3264F8E8-C40A-4C5C-BF2C-BD4690FE7EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF9513C4-3F02-4C32-AD91-C4A5941A5A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E570AFE6-CEAF-4F6F-81D3-CFFAAA8D5109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6B527E-B1FE-41A3-A274-7BE2E893E6AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "92B419CE-813B-42AA-9E06-2059F7DEE669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "197E7E1C-D545-46FB-890F-B92AB9DA2B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "986B8670-2341-474D-8477-47627DF1ED02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "908E6F9A-FCE7-48C2-A307-057536944313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "400521B9-F617-44A5-AF59-3D8DAE78067A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "78DCE051-78E2-4F35-9598-98C19110ECE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A80A1E8B-43C8-449F-9B16-01F30D23E3D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E9D813-6EDD-48A0-9A2D-E08207F25AB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F49E352F-35C5-4C9A-9B3D-C8C6FC128B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.9a:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2A846C-20EC-41A6-BF4C-8FB84C45CEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0761E0-E899-413E-97CF-23BDA9395B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8471D114-204C-4B44-B0BE-C86226D8A5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16FA46F1-4A78-4091-8498-8D4C4F946A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF03B36-AEE4-4A40-B7B6-4EAB2552C1E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6FD2E2-5454-4054-9482-93D698AA1840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E2E4D7A-ACD2-482D-B3E4-FFEA47040E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D185EB-F565-4D06-949F-27B44267E2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "006538A8-3D1F-405F-A493-A2DF0693D190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.9a:*:*:*:*:*:*:*",
"matchCriteriaId": "386C3C61-940D-4DCA-BB08-D47924759DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F7987AAB-0035-4BFB-A4E9-E56D19BB7774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3306F4C6-1D42-47A9-9286-F05F15DC971F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:r5:*:*:*:*:*:*:*",
"matchCriteriaId": "49557BEE-0FED-4F45-89C3-5DCBD2C7851D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el servidor de Lotus Notes R4, R5 anteriores a 5.0.11 y betas de R6 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un nombre distinguido (DN) largo durante la autenticaci\u00f3n NotesRPC y una longitud externa del campo menor que la del campo DN."
}
],
"id": "CVE-2003-0122",
"lastModified": "2024-11-20T23:44:00.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0125.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104757319829443\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105101"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/433489"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "http://www.rapid7.com/advisories/R7-0010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7037"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0125.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104757319829443\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/433489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://www.rapid7.com/advisories/R7-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11526"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}