Vulnerabilities > IBM > Lotus Domino > 5.0.4

DATE CVE VULNERABILITY TITLE RISK
2011-02-08 CVE-2011-0915 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Domino
Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes calendar (aka iCalendar or iCal) meeting request, aka SPR KLYH87LL23.
network
low complexity
ibm CWE-119
critical
10.0
2011-02-08 CVE-2011-0914 Numeric Errors vulnerability in IBM Lotus Domino
Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.
network
low complexity
ibm CWE-189
critical
10.0
2011-02-08 CVE-2011-0913 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Domino
Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache.
network
low complexity
ibm CWE-119
critical
10.0
2007-10-29 CVE-2007-5544 Incorrect Permission Assignment for Critical Resource vulnerability in IBM Lotus Notes
IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.
local
low complexity
ibm CWE-732
7.8
2006-11-08 CVE-2006-5818 TuneKrnl Local Privilege Escalation vulnerability in IBM Lotus Domino
Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x before 6.5.5 FP2 and 7.x before 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors.
local
low complexity
ibm
7.2
2003-03-18 CVE-2003-0123 Buffer Overflow Denial Of Service vulnerability in IBM Lotus Domino and Lotus Notes Client
Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.
network
low complexity
ibm
5.0
2003-03-18 CVE-2003-0122 Denial Of Service vulnerability in IBM Lotus Domino and Lotus Notes Client
Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field.
network
low complexity
ibm
5.0
2002-12-31 CVE-2002-1624 Buffer Overflow vulnerability in Lotus Domino HTTP Authentication Logging
Buffer overflow in Lotus Domino web server before R5.0.10, when logging to DOMLOG.NSF, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP Authenticate header containing certain non-ASCII characters.
network
low complexity
ibm
5.0
2002-03-15 CVE-2002-0086 Buffer Overflow vulnerability in Lotus Domino Notes_ExecDirectory
Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable.
local
low complexity
ibm
7.2
2001-12-31 CVE-2001-1567 Remote Authentication Bypass vulnerability in IBM Lotus Domino and Lotus Domino Server
Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of "+" characters before the .nsf file extension, which are converted to spaces by Domino.
network
low complexity
ibm
5.0