Search criteria
12 vulnerabilities found for lotus_domino_web_server by ibm
CVE-2008-2410 (GCVE-0-2008-2410)
Vulnerability from nvd – Published: 2008-05-22 10:00 – Updated: 2024-08-07 08:58
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:58:02.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-lotusdomino-servlet-web-xss(42553)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42553"
},
{
"name": "ADV-2008-1597",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1597"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296"
},
{
"name": "30310",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30310"
},
{
"name": "30332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30332"
},
{
"name": "29311",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29311"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ibm-lotusdomino-servlet-web-xss(42553)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42553"
},
{
"name": "ADV-2008-1597",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1597"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296"
},
{
"name": "30310",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30310"
},
{
"name": "30332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30332"
},
{
"name": "29311",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29311"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2410",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-lotusdomino-servlet-web-xss(42553)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42553"
},
{
"name": "ADV-2008-1597",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1597"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296"
},
{
"name": "30310",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30310"
},
{
"name": "30332",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30332"
},
{
"name": "29311",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29311"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2410",
"datePublished": "2008-05-22T10:00:00",
"dateReserved": "2008-05-22T00:00:00",
"dateUpdated": "2024-08-07T08:58:02.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0067 (GCVE-0-2007-0067)
Vulnerability from nvd – Published: 2007-06-06 10:00 – Updated: 2024-08-07 12:03
VLAI?
Summary
Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:36.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24307",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24307"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251"
},
{
"name": "35766",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35766"
},
{
"name": "domino-unspecified-dos(34689)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689"
},
{
"name": "1018189",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018189"
},
{
"name": "25542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25542"
},
{
"name": "ADV-2007-2046",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2046"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24307",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24307"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251"
},
{
"name": "35766",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35766"
},
{
"name": "domino-unspecified-dos(34689)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689"
},
{
"name": "1018189",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018189"
},
{
"name": "25542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25542"
},
{
"name": "ADV-2007-2046",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2046"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24307",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24307"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251"
},
{
"name": "35766",
"refsource": "OSVDB",
"url": "http://osvdb.org/35766"
},
{
"name": "domino-unspecified-dos(34689)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689"
},
{
"name": "1018189",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018189"
},
{
"name": "25542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25542"
},
{
"name": "ADV-2007-2046",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2046"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0067",
"datePublished": "2007-06-06T10:00:00",
"dateReserved": "2007-01-04T00:00:00",
"dateUpdated": "2024-08-07T12:03:36.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0180 (GCVE-0-2003-0180)
Vulnerability from nvd – Published: 2003-03-29 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "lotus-incomplete-post-dos(11360)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11360"
},
{
"name": "6951",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6951"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "VU#355169",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/355169"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "lotus-incomplete-post-dos(11360)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11360"
},
{
"name": "6951",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6951"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "VU#355169",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/355169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0180",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.nextgenss.com/advisories/lotus-60dos.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "lotus-incomplete-post-dos(11360)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11360"
},
{
"name": "6951",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6951"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
},
{
"name": "N-065",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "VU#355169",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/355169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0180",
"datePublished": "2003-03-29T05:00:00",
"dateReserved": "2003-03-28T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0181 (GCVE-0-2003-0181)
Vulnerability from nvd – Published: 2003-03-29 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "6951",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6951"
},
{
"name": "lotus-invalid-field-dos(11361)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a \"Fictionary Value Field POST request\" as demonstrated using the s_Validation form with a long, unknown parameter name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "6951",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6951"
},
{
"name": "lotus-invalid-field-dos(11361)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0181",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a \"Fictionary Value Field POST request\" as demonstrated using the s_Validation form with a long, unknown parameter name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.nextgenss.com/advisories/lotus-60dos.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "6951",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6951"
},
{
"name": "lotus-invalid-field-dos(11361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0181",
"datePublished": "2003-03-29T05:00:00",
"dateReserved": "2003-03-28T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0179 (GCVE-0-2003-0179)
Vulnerability from nvd – Published: 2003-03-29 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
},
{
"name": "6872",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6872"
},
{
"name": "VU#571297",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/571297"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-notes-activex-bo(11339)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
},
{
"name": "6872",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6872"
},
{
"name": "VU#571297",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/571297"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-notes-activex-bo(11339)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0179",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030217 Domino Advisories UPDATE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
},
{
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
},
{
"name": "6872",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6872"
},
{
"name": "VU#571297",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/571297"
},
{
"name": "20030217 Domino Advisories UPDATE",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "N-065",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-notes-activex-bo(11339)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"name": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0179",
"datePublished": "2003-03-29T05:00:00",
"dateReserved": "2003-03-28T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0178 (GCVE-0-2003-0178)
Vulnerability from nvd – Published: 2003-03-29 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431463\u0026w=2"
},
{
"name": "VU#772817",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/772817"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431461\u0026w=2"
},
{
"name": "VU#542873",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/542873"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777531350\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777331345\u0026w=2"
},
{
"name": "lotus-domino-hostname-bo(11337)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11337"
},
{
"name": "VU#206361",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/206361"
},
{
"name": "lotus-domino-inotes-bo(11336)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11336"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "6870",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6870"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt"
},
{
"name": "6871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6871"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431463\u0026w=2"
},
{
"name": "VU#772817",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/772817"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431461\u0026w=2"
},
{
"name": "VU#542873",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/542873"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777531350\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777331345\u0026w=2"
},
{
"name": "lotus-domino-hostname-bo(11337)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11337"
},
{
"name": "VU#206361",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/206361"
},
{
"name": "lotus-domino-inotes-bo(11336)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11336"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "6870",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6870"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt"
},
{
"name": "6871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6871"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0178",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431463\u0026w=2"
},
{
"name": "VU#772817",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/772817"
},
{
"name": "20030217 Domino Advisories UPDATE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431461\u0026w=2"
},
{
"name": "VU#542873",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/542873"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html"
},
{
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777531350\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777331345\u0026w=2"
},
{
"name": "lotus-domino-hostname-bo(11337)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11337"
},
{
"name": "VU#206361",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/206361"
},
{
"name": "lotus-domino-inotes-bo(11336)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11336"
},
{
"name": "20030217 Domino Advisories UPDATE",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "6870",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6870"
},
{
"name": "N-065",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"name": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt"
},
{
"name": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt"
},
{
"name": "6871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6871"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0178",
"datePublished": "2003-03-29T05:00:00",
"dateReserved": "2003-03-28T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2410 (GCVE-0-2008-2410)
Vulnerability from cvelistv5 – Published: 2008-05-22 10:00 – Updated: 2024-08-07 08:58
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:58:02.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-lotusdomino-servlet-web-xss(42553)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42553"
},
{
"name": "ADV-2008-1597",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1597"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296"
},
{
"name": "30310",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30310"
},
{
"name": "30332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30332"
},
{
"name": "29311",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29311"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ibm-lotusdomino-servlet-web-xss(42553)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42553"
},
{
"name": "ADV-2008-1597",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1597"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296"
},
{
"name": "30310",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30310"
},
{
"name": "30332",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30332"
},
{
"name": "29311",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29311"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2410",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-lotusdomino-servlet-web-xss(42553)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42553"
},
{
"name": "ADV-2008-1597",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1597"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21303296"
},
{
"name": "30310",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30310"
},
{
"name": "30332",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30332"
},
{
"name": "29311",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29311"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2410",
"datePublished": "2008-05-22T10:00:00",
"dateReserved": "2008-05-22T00:00:00",
"dateUpdated": "2024-08-07T08:58:02.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0067 (GCVE-0-2007-0067)
Vulnerability from cvelistv5 – Published: 2007-06-06 10:00 – Updated: 2024-08-07 12:03
VLAI?
Summary
Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:03:36.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24307",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24307"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251"
},
{
"name": "35766",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35766"
},
{
"name": "domino-unspecified-dos(34689)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689"
},
{
"name": "1018189",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018189"
},
{
"name": "25542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25542"
},
{
"name": "ADV-2007-2046",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2046"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24307",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24307"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251"
},
{
"name": "35766",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35766"
},
{
"name": "domino-unspecified-dos(34689)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689"
},
{
"name": "1018189",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018189"
},
{
"name": "25542",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25542"
},
{
"name": "ADV-2007-2046",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2046"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24307",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24307"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257251"
},
{
"name": "35766",
"refsource": "OSVDB",
"url": "http://osvdb.org/35766"
},
{
"name": "domino-unspecified-dos(34689)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34689"
},
{
"name": "1018189",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018189"
},
{
"name": "25542",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25542"
},
{
"name": "ADV-2007-2046",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2046"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0067",
"datePublished": "2007-06-06T10:00:00",
"dateReserved": "2007-01-04T00:00:00",
"dateUpdated": "2024-08-07T12:03:36.973Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0180 (GCVE-0-2003-0180)
Vulnerability from cvelistv5 – Published: 2003-03-29 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "lotus-incomplete-post-dos(11360)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11360"
},
{
"name": "6951",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6951"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "VU#355169",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/355169"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "lotus-incomplete-post-dos(11360)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11360"
},
{
"name": "6951",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6951"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "VU#355169",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/355169"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0180",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.nextgenss.com/advisories/lotus-60dos.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "lotus-incomplete-post-dos(11360)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11360"
},
{
"name": "6951",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6951"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
},
{
"name": "N-065",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "VU#355169",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/355169"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0180",
"datePublished": "2003-03-29T05:00:00",
"dateReserved": "2003-03-28T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0181 (GCVE-0-2003-0181)
Vulnerability from cvelistv5 – Published: 2003-03-29 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "6951",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6951"
},
{
"name": "lotus-invalid-field-dos(11361)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a \"Fictionary Value Field POST request\" as demonstrated using the s_Validation form with a long, unknown parameter name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "6951",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6951"
},
{
"name": "lotus-invalid-field-dos(11361)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0181",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a \"Fictionary Value Field POST request\" as demonstrated using the s_Validation form with a long, unknown parameter name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.nextgenss.com/advisories/lotus-60dos.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-60dos.txt"
},
{
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "6951",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6951"
},
{
"name": "lotus-invalid-field-dos(11361)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11361"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104528"
},
{
"name": "20030218 More Lotus Domino Advisories",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0086.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0181",
"datePublished": "2003-03-29T05:00:00",
"dateReserved": "2003-03-28T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0179 (GCVE-0-2003-0179)
Vulnerability from cvelistv5 – Published: 2003-03-29 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.016Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
},
{
"name": "6872",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6872"
},
{
"name": "VU#571297",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/571297"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-notes-activex-bo(11339)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
},
{
"name": "6872",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6872"
},
{
"name": "VU#571297",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/571297"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-notes-activex-bo(11339)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0179",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030217 Domino Advisories UPDATE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21104543"
},
{
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2"
},
{
"name": "6872",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6872"
},
{
"name": "VU#571297",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/571297"
},
{
"name": "20030217 Domino Advisories UPDATE",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "N-065",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "lotus-notes-activex-bo(11339)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11339"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"name": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0179",
"datePublished": "2003-03-29T05:00:00",
"dateReserved": "2003-03-28T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.016Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0178 (GCVE-0-2003-0178)
Vulnerability from cvelistv5 – Published: 2003-03-29 05:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.058Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431463\u0026w=2"
},
{
"name": "VU#772817",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/772817"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431461\u0026w=2"
},
{
"name": "VU#542873",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/542873"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777531350\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777331345\u0026w=2"
},
{
"name": "lotus-domino-hostname-bo(11337)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11337"
},
{
"name": "VU#206361",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/206361"
},
{
"name": "lotus-domino-inotes-bo(11336)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11336"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "6870",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6870"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt"
},
{
"name": "6871",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6871"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431463\u0026w=2"
},
{
"name": "VU#772817",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/772817"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431461\u0026w=2"
},
{
"name": "VU#542873",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/542873"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html"
},
{
"name": "CA-2003-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777531350\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777331345\u0026w=2"
},
{
"name": "lotus-domino-hostname-bo(11337)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11337"
},
{
"name": "VU#206361",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/206361"
},
{
"name": "lotus-domino-inotes-bo(11336)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11336"
},
{
"name": "20030217 Domino Advisories UPDATE",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "6870",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6870"
},
{
"name": "N-065",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt"
},
{
"name": "6871",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6871"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0178",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431463\u0026w=2"
},
{
"name": "VU#772817",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/772817"
},
{
"name": "20030217 Domino Advisories UPDATE",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0080.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104550063431461\u0026w=2"
},
{
"name": "VU#542873",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/542873"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0081.html"
},
{
"name": "CA-2003-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"name": "20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777531350\u0026w=2"
},
{
"name": "20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558777331345\u0026w=2"
},
{
"name": "lotus-domino-hostname-bo(11337)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11337"
},
{
"name": "VU#206361",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/206361"
},
{
"name": "lotus-domino-inotes-bo(11336)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11336"
},
{
"name": "20030217 Domino Advisories UPDATE",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2"
},
{
"name": "6870",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6870"
},
{
"name": "N-065",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"name": "20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html"
},
{
"name": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-hostlocbo.txt"
},
{
"name": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/lotus-inotesoflow.txt"
},
{
"name": "6871",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6871"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0178",
"datePublished": "2003-03-29T05:00:00",
"dateReserved": "2003-03-28T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.058Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}