Page 4 of 25 results (0.009 seconds)

CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0

Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the SSL handshake (SPR# MKIN693QUT), and possibly other vectors. NOTE: due to insufficient information in the original vendor advisory, it is not clear whether there is an attacker role in other memory leaks that are specified in the advisory. • http://secunia.com/advisories/18328 http://www-1.ibm.com/support/docview.wss?uid=swg27007054 http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/20f66e356a76c90f8525702a00420e08?OpenDocument&Highlight=0%2CMKIN67MQVW http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/2221243535d88a2b8525701b00420cd6?OpenDocument&Highlight=0%2CMKIN693QUT http://www.securityfocus.com/bid/16158 http://www.vupen.com/english/advisories/2006/0081 https://exchange.xforce.ibmcloud.com/vulnerabilities/24223 •

CVSS: 5.0EPSS: 7%CPEs: 14EXPL: 0

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an "Out Of Office" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3) malformed bitmap images (MYAA6FH5HW), (4) the "Delete Attachment" action (YPHG6844LD), (5) parsing certificates from a remote Certificate Table (AELE6DZFJW), and (6) creating a SSL key ring with the Domino Administration client (NSUA4FQPTN). • http://secunia.com/advisories/18328 http://www-1.ibm.com/support/docview.wss?uid=swg27007054 http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/258394eaa824f2c08525708a004209d3?OpenDocument http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/040482aeb1416bb7852570e4001badd6?OpenDocument http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f466a9e986ae852570e4001babbb?OpenDocument http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a1f266afb26c852570e4001baf5e? •

CVSS: 5.0EPSS: 1%CPEs: 14EXPL: 0

Buffer overflow in IBM Lotus Notes and Domino Server before 6.5.5 allows attackers to cause a denial of service (router crash or hang) via unspecified vectors involving "CD to MIME Conversion". • http://secunia.com/advisories/18328 http://www-1.ibm.com/support/docview.wss?uid=swg27007054 http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/50c634bfe193efa5852570e4001baace?OpenDocument http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/21d8fd7989fdf78d852570e4001bae68?OpenDocument http://www.securityfocus.com/bid/16158 http://www.vupen.com/english/advisories/2006/0081 https://exchange.xforce.ibmcloud.com/vulnerabilities/24205 •

CVSS: 7.8EPSS: 3%CPEs: 18EXPL: 0

The LDAP server (nldap.exe) in IBM Lotus Domino before 7.0.1, 6.5.5, and 6.5.4 FP2 allows remote attackers to cause a denial of service (crash) via a long bind request, which triggers a null dereference. • http://securitytracker.com/id?1015611 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21229907 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=389 http://www.securityfocus.com/bid/16523 http://www.vupen.com/english/advisories/2006/0526 https://exchange.xforce.ibmcloud.com/vulnerabilities/24634 •

CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0

Cross-site scripting (XSS) vulnerability in Lotus Domino versions before 6.5.4 fix pack 1 (FP1) and versions before 7.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. • http://www-1.ibm.com/support/docview.wss?rs=0&uid=swg21201845 http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21217285 http://www.osvdb.org/displayvuln.php?osvdb_id=19614 http://www.securityfocus.com/bid/14901 http://www.securitytracker.com/alerts/2005/Sep/1014946.html https://exchange.xforce.ibmcloud.com/vulnerabilities/22358 •