CVE-2003-0123
https://notcve.org/view.php?id=CVE-2003-0123
Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line. Desbordamiento de búfer en el cliente Web Retriever de Lotus Notes/Domino R4.5 a R.6 permite a servidores web remotos maliciosos causar una denegación de servicio (caída) mediante una línea de estado HTTP larga. • http://marc.info/?l=bugtraq&m=104757545500368&w=2 http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105060 http://www.cert.org/advisories/CA-2003-11.html http://www.ciac.org/ciac/bulletins/n-065.shtml http://www.kb.cert.org/vuls/id/411489 http://www.rapid7.com/advisories/R7-0011.html http://www.securityfocus.com/bid/7038 https://exchange.xforce.ibmcloud.com/vulnerabilities/11525 •
CVE-2003-0122
https://notcve.org/view.php?id=CVE-2003-0122
Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field. Desbordamiento de búfer en el servidor de Lotus Notes R4, R5 anteriores a 5.0.11 y betas de R6 permite a atacantes remotos ejecutar código arbitrario mediante un nombre distinguido (DN) largo durante la autenticación NotesRPC y una longitud externa del campo menor que la del campo DN. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0125.html http://marc.info/?l=bugtraq&m=104757319829443&w=2 http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105101 http://www.cert.org/advisories/CA-2003-11.html http://www.ciac.org/ciac/bulletins/n-065.shtml http://www.kb.cert.org/vuls/id/433489 http://www.rapid7.com/advisories/R7-0010.html http://www.securityfocus.com/bid/7037 https://exchange.xforce.ibmcloud.com/vulnerabilities/11526 •
CVE-2002-0370
https://notcve.org/view.php?id=CVE-2002-0370
Buffer overflow in the ZIP capability for multiple products allows remote attackers to cause a denial of service or execute arbitrary code via ZIP files containing entries with long filenames, including (1) Microsoft Windows 98 with Plus! Pack, (2) Windows XP, (3) Windows ME, (4) Lotus Notes R4 through R6 (pre-gold), (5) Verity KeyView, and (6) Stuffit Expander before 7.0. Desbordamiento de búfer en la capacidad ZIP de múltiples productos permite a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediante ficheros ZIP que contienen nombres de ficheros largos, incluyendo Microsoft Windows 98 con el paquete Plus! Windows XP Windows Me Lotus Notes R4 a R6 (pre-gold) Verity KeyView, y Stuffit Expander antes de 7.0. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0009.html http://marc.info/?l=bugtraq&m=103428193409223&w=2 http://securityreason.com/securityalert/587 http://www.info-zip.org/FAQ.html http://www.info.apple.com/usen/security/security_updates.html http://www.iss.net/security_center/static/10251.php http://www.kb.cert.org/vuls/id/383779 http://www.securityfocus.com/bid/5873 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-054 •
CVE-2000-0891
https://notcve.org/view.php?id=CVE-2000-0891
A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. • http://www.kb.cert.org/vuls/id/5962 http://www.notes.net/R5FixList.nsf/Search%21SearchView&Query=CBAT45TU9S https://exchange.xforce.ibmcloud.com/vulnerabilities/5045 •
CVE-2000-1138
https://notcve.org/view.php?id=CVE-2000-1138
Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected. • http://marc.info/?l=bugtraq&m=97370725220953&w=2 http://www.securityfocus.com/bid/1925 •