Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm lotus domino server 6.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-7253
The default configuration of the web server in IBM Lotus Domino Server, possibly 6.0 up to and including 8.0, enables the HTTP TRACE method, which makes it easier for remote malicious users to steal cookies and authentication credentials via a cross-site tracing (XST) attack, a r...
Ibm Lotus Domino Server 6.0
Ibm Lotus Domino Server 8.0
Ibm Lotus Domino Server 7.0
Ibm Lotus Domino Server 6.5
10
CVSSv2
CVE-2008-2240
Stack-based buffer overflow in the Web Server service in IBM Lotus Domino prior to 7.0.3 FP1, and 8.x prior to 8.0.1, allows remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header.
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.5
Ibm Lotus Domino 7.0
Ibm Lotus Domino 8.0
Ibm Lotus Domino 8.0.1
1 EDB exploit
7.8
CVSSv2
CVE-2007-0067
Unspecified vulnerability in the Lotus Domino Web Server 6.0, 6.5.x prior to 6.5.6, and 7.0.x prior to 7.0.3 allows remote malicious users to cause a denial of service (daemon crash) via requests for URLs that reference certain files.
Ibm Lotus Domino Web Server 6.0
Ibm Lotus Domino Web Server 6.0.1
Ibm Lotus Domino Web Server 6.5.1
Ibm Lotus Domino Web Server 6.5.2
Ibm Lotus Domino Web Server 7.0
Ibm Lotus Domino Web Server 7.0.1
Ibm Lotus Domino Web Server 6.0.3
Ibm Lotus Domino Web Server 6.0.4
Ibm Lotus Domino Web Server 6.5.4
Ibm Lotus Domino Web Server 6.5.5
Ibm Lotus Domino Web Server 6.0.2
Ibm Lotus Domino Web Server 6.0.2 Cf2
Ibm Lotus Domino Web Server 6.5.3
Ibm Lotus Domino Web Server 7.0.2
Ibm Lotus Domino Web Server 6.0.5
Ibm Lotus Domino Web Server 6.5.0
7.5
CVSSv2
CVE-2003-0179
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and previous versions allows remote malicious users to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
Ibm Lotus Domino Web Server 6.0
Ibm Lotus Notes Client 6.0
7.8
CVSSv2
CVE-2005-2712
The LDAP server (nldap.exe) in IBM Lotus Domino prior to 7.0.1, 6.5.5, and 6.5.4 FP2 allows remote malicious users to cause a denial of service (crash) via a long bind request, which triggers a null dereference.
Ibm Lotus Domino 6.0.2.1
Ibm Lotus Domino 6.0.2.2
Ibm Lotus Domino 6.5.3
Ibm Lotus Domino 6.5.3.1
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.0.3
Ibm Lotus Domino 6.0.4
Ibm Lotus Domino 6.5.4
Ibm Lotus Domino 7.0
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.1.1
Ibm Lotus Domino 6.0.5
Ibm Lotus Domino 6.5
Ibm Lotus Domino 6.0.1.2
Ibm Lotus Domino 6.0.1.3
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.2
Ibm Lotus Domino 6.5.2.1
10
CVSSv2
CVE-2011-0914
Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino prior to 8.5.3 allows remote malicious users to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.
Ibm Lotus Domino 6.0
Ibm Lotus Domino 5.0.9a
Ibm Lotus Domino 6.0.2.1
Ibm Lotus Domino 6.0.4
Ibm Lotus Domino 5.0.1
Ibm Lotus Domino 5.0.10
Ibm Lotus Domino 5.0.6
Ibm Lotus Domino 5.0.6a
Ibm Lotus Domino 6.5.4
Ibm Lotus Domino 6.5.3
Ibm Lotus Domino 6.0.1.2
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.0.5
Ibm Lotus Domino 4.6.3
Ibm Lotus Domino 5.0.3
Ibm Lotus Domino 5.0.4
Ibm Lotus Domino 6.5.2
Ibm Lotus Domino 6.5.2.1
Ibm Lotus Domino 6.5.4.3
Ibm Lotus Domino 6.5.4.1
Ibm Lotus Domino 7.0.2
Ibm Lotus Domino 7.0.2.1
10
CVSSv2
CVE-2011-0913
Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino prior to 8.5.3 allows remote malicious users to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache.
Ibm Lotus Domino 5.0.9
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 4.6.3
Ibm Lotus Domino 4.6.4
Ibm Lotus Domino 5.0.4
Ibm Lotus Domino 5.0.4a
Ibm Lotus Domino 6.5.2.1
Ibm Lotus Domino 6.5.0
Ibm Lotus Domino 6.5.4.1
Ibm Lotus Domino 4.6.1
Ibm Lotus Domino 7.0.2.1
Ibm Lotus Domino 7.0.2.2
Ibm Lotus Domino 7.0.2.3
Ibm Lotus Domino 8.0.2
Ibm Lotus Domino 8.0.2.1
Ibm Lotus Domino 8.5.1.1
Ibm Lotus Domino 8.5.1.2
Ibm Lotus Domino 5.0.9a
Ibm Lotus Domino 6.0.1.1
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.4
5
CVSSv2
CVE-2003-0181
Lotus Domino Web Server (nhttp.exe) prior to 6.0.1 allows remote malicious users to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.
Ibm Lotus Domino Web Server 6.0
10
CVSSv2
CVE-2003-0178
Multiple buffer overflows in Lotus Domino Web Server prior to 6.0.1 allow remote malicious users to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter ...
Ibm Lotus Domino Web Server 6.0
5
CVSSv2
CVE-2003-0180
Lotus Domino Web Server (nhttp.exe) prior to 6.0.1 allows remote malicious users to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form.
Ibm Lotus Domino Web Server 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started