Lotus Domino@* Security Vulnerabilities and Issues — Lotus Domino@* CVE List

Lucene search

IbmLotus Domino*

10 matches found

CVE•added 2011/02/08 10:0 p.m.•83 views

CVE-2011-0917

Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code via a long string in an LDAP Bind operation, aka SPR KLYH87LMVX.

10CVSS7.8AI score0.22907EPSS

CVE•added 2011/02/08 10:0 p.m.•67 views

CVE-2011-0915

Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes calendar (aka iCalendar or iCal) meeting request, aka SPR KLYH87LL23.

10CVSS8AI score0.15358EPSS

CVE•added 2011/02/08 10:0 p.m.•58 views

CVE-2011-0913

Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache.

10CVSS7.9AI score0.10609EPSS

CVE•added 2011/02/08 10:0 p.m.•57 views

CVE-2011-0914

Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.

10CVSS7.7AI score0.11112EPSS

CVE•added 2011/12/27 11:55 a.m.•53 views

CVE-2011-1393

Unspecified vulnerability in the authentication functionality in the server in IBM Lotus Domino 8.x before 8.5.2 FP4 allows remote attackers to cause a denial of service (daemon crash) via a crafted Notes RPC packet.

7.8CVSS6.8AI score0.01605EPSS

CVE•added 2011/02/08 10:0 p.m.•49 views

CVE-2011-0916

Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message, aka SPR KLYH889M8H.

10CVSS8.1AI score0.10609EPSS

CVE•added 2011/02/08 10:0 p.m.•49 views

CVE-2011-0920

The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS.

9.3CVSS8.4AI score0.04369EPSS

CVE•added 2011/02/08 10:0 p.m.•41 views

CVE-2011-0918

Stack-based buffer overflow in the NRouter (aka Router) service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long filenames associated with Content-ID and ATTACH:CID headers in attachments in malformed calendar-request e-mail messages, aka SPR KLYH87LKRE.

10CVSS8.2AI score0.10609EPSS

CVE•added 2011/02/08 10:0 p.m.•41 views

CVE-2011-0919

Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP services in IBM Lotus Domino allow remote attackers to execute arbitrary code via non-printable characters in an envelope sender address, aka SPR KLYH87LLVJ.

10CVSS7.9AI score0.124EPSS

CVE•added 2011/03/25 7:55 p.m.•38 views

CVE-2011-1520

The default configuration of the server console in IBM Lotus Domino does not require a password (aka Server_Console_Password), which allows physically proximate attackers to perform administrative changes or obtain sensitive information via a (1) Load, (2) Tell, or (3) Set Configuration command.

7.2CVSS6.3AI score0.00057EPSS