CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 1CVE-2011-0290
https://notcve.org/view.php?id=CVE-2011-0290
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors. BlackBerry Collaboration Service en Research In Motion (RIM) BlackBerry Enterprise Server (BES) v5.0.3 a través de MR4 para Microsoft Exchange y Lotus Domino permite, a usuarios remotos autenticados, a acceder a cuentas de usuario de su elección asociados con la misma organización, y enviar mensajes, leer los mensajes, leer las listas de contactos o causar una denegación de servicio (indisponibilidad de inicio de sesión), a través de vectores no especificados. • http://secunia.com/advisories/46370 http://securitytracker.com/id?1026179 http://www.blackberry.com/btsc/KB28524 http://www.osvdb.org/76286 http://www.securityfocus.com/bid/50064 https://exchange.xforce.ibmcloud.com/vulnerabilities/70519 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 1CVE-2003-1408
https://notcve.org/view.php?id=CVE-2003-1408
Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot. • http://www.securityfocus.com/archive/1/311660 http://www.securityfocus.com/archive/1/311806 http://www.securityfocus.com/bid/6841 https://exchange.xforce.ibmcloud.com/vulnerabilities/11311 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 3%CPEs: 3EXPL: 4CVE-2002-2191 – Lotus Domino 5.0.8-9 - Non-Existent NSF Database Banner Information Disclosure
https://notcve.org/view.php?id=CVE-2002-2191
Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner. • https://www.exploit-db.com/exploits/21996 http://www.iss.net/security_center/static/10557.php http://www.securityfocus.com/archive/1/298874/2002-11-05/2002-11-11/2 http://www.securityfocus.com/bid/6128 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1010
https://notcve.org/view.php?id=CVE-2002-1010
Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers. • http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0001.html •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2002-0408
https://notcve.org/view.php?id=CVE-2002-0408
htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message. • http://marc.info/?l=bugtraq&m=101310812804716&w=2 http://marc.info/?l=bugtraq&m=101785616526383&w=2 http://www.securityfocus.com/bid/4049 •