Vulnerabilities > CVE-2005-1405 - Local Security vulnerability in Lotus Notes

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

ibm

NVD

Published: 2005-05-03

Updated: 2017-07-11

Summary

HTTP response splitting vulnerability in the @SetHTTPHeader function in Lotus Domino 6.5.x before 6.5.4 and 6.0.x before 6.0.5 allows attackers to poison the web cache via malicious applications.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Lotus Notes 6.0 IBM Lotus Notes 6.0.1 IBM Lotus Notes 6.0.2 IBM Lotus Notes 6.0.3 IBM Lotus Notes 6.0.4 IBM Lotus Notes 6.5 IBM Lotus Notes 6.5.1 IBM Lotus Notes 6.5.2 IBM Lotus Notes 6.5.3	9

References

http://secunia.com/advisories/14879
http://securitytracker.com/id?1013839
http://www.kb.cert.org/vuls/id/699798
http://www.osvdb.org/15365
http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202437
https://exchange.xforce.ibmcloud.com/vulnerabilities/20045