Vulnerabilities > IBM > Lotus Domino WEB Server

DATE CVE VULNERABILITY TITLE RISK
2008-05-22 CVE-2008-2410 Cross-Site Scripting vulnerability in IBM Lotus Domino web Server
Cross-site scripting (XSS) vulnerability in the servlet engine and Web container in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
network
ibm CWE-79
4.3
2007-06-06 CVE-2007-0067 Remote Denial of Service vulnerability in IBM Lotus Domino Web Server
Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x before 6.5.6, and 7.0.x before 7.0.3 allows remote attackers to cause a denial of service (daemon crash) via requests for URLs that reference certain files.
network
low complexity
ibm
7.8
2003-04-02 CVE-2003-0181 Denial Of Service vulnerability in IBM Lotus Domino web Server 6.0
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.
network
low complexity
ibm
5.0
2003-04-02 CVE-2003-0180 Denial Of Service vulnerability in IBM Lotus Domino web Server 6.0
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form.
network
low complexity
ibm
5.0
2003-04-02 CVE-2003-0179 Buffer Overflow vulnerability in IBM Lotus Domino web Server and Lotus Notes Client
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
network
low complexity
ibm
7.5
2003-04-02 CVE-2003-0178 Buffer Overflow vulnerability in IBM Lotus Domino web Server 6.0
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation.
network
low complexity
ibm
critical
10.0