CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 0CVE-2003-0179
https://notcve.org/view.php?id=CVE-2003-0179
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control. Desbordamiento de búfer en el manejador de control de objetos COM para Lotus Domino 6.0.1 y versiones anteriores, permite a atacantes remotos la ejecución de código arbitrario mediante vectores de ataque múltiple, como se demuestra utilizando el método InitializeUsingNotesUserName en el control ActiveX de iNotes. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html http://marc.info/?l=bugtraq&m=104550124032513&w=2 http://marc.info/?l=bugtraq&m=104550335103136&w=2 http://marc.info/?l=ntbugtraq&m=104558778131373&w=2 http://marc.info/?l=ntbugtraq&m=104558778331387&w=2 http://www-1.ibm.com/support/docview.wss? •
CVSS: 10.0EPSS: 91%CPEs: 1EXPL: 0CVE-2003-0178
https://notcve.org/view.php?id=CVE-2003-0178
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation. Multiples desbordamiento de búfer en Lotus Domino Web Server anteriores a la 6.0.1 permiten a atacantes remotos causar Denegación de Servicios o la ejecución de código arbitrario mediante: la opción s_ViewName en el parámetro PresetFields de iNotes la opción Foldername en el parámetro PresetFields de iNotes una cabecera Host larga, insertada en una cabecera de Localización larga y utilizada durante una operación de redirección. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html http://marc.info/?l=bugtraq&m=104550063431461&w=2 http://marc.info/?l=bugtraq&m=104550063431463&w=2 http://marc.info/?l=bugtraq&m=104550335103136&w=2 http://marc.info/?l=ntbugtraq&m=104558777331345&w=2 http://marc.info/? •
CVSS: 5.0EPSS: 1%CPEs: 14EXPL: 0CVE-2002-2025
https://notcve.org/view.php?id=CVE-2002-2025
Lotus Domino server 5.0.9a and earlier allows remote attackers to cause a denial of service by exhausting the number of working threads via a large number of HTTP requests for (1) an MS-DOS device name and (2) an MS-DOS device name with a large number of characters appended to the device name. • http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0037.html http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/945e97608fda942a85256b37007905b1?OpenDocument&Highlight=0%2CJCHN547JWV http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/a77f8a5132cce70085256b8000792112?OpenDocument&Highlight=0%2CJCHN4UMKLA http://www.securityfocus.com/archive/1/253830 http://www.securityfocus.com/bid/4019 http://www.securityfocus.com/bid/4020 •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2002-0037
https://notcve.org/view.php?id=CVE-2002-0037
Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call (NSFDbReadObject) that directly accesses the object. Los servidores Lotus Domino 5.x, 4.6x y 4.5x permiten a atacantes evadir la lista acceso de autores y lectores de un objeto mediante una llamada a la API (interfaz de programación) de Notes que accede directamente al objeto. • http://archives.neohapsis.com/archives/bugtraq/2001-09/0147.html http://archives.neohapsis.com/archives/bugtraq/2001-09/0150.html http://www.iss.net/security_center/static/10095.php http://www.kb.cert.org/vuls/id/657899 •
CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0CVE-2001-1567
https://notcve.org/view.php?id=CVE-2001-1567
Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of "+" characters before the .nsf file extension, which are converted to spaces by Domino. • http://marc.info/?l=bugtraq&m=101284222932568&w=2 http://marc.info/?l=bugtraq&m=101285903120879&w=2 http://marc.info/?l=bugtraq&m=101286525008089&w=2 http://www.iss.net/security_center/static/8072.php http://www.nextgenss.com/papers/hpldws.pdf http://www.securityfocus.com/bid/4022 •