Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm lotus domino 6.0 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-2240
Stack-based buffer overflow in the Web Server service in IBM Lotus Domino prior to 7.0.3 FP1, and 8.x prior to 8.0.1, allows remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header.
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.5
Ibm Lotus Domino 7.0
Ibm Lotus Domino 8.0
Ibm Lotus Domino 8.0.1
1 EDB exploit
4.3
CVSSv2
CVE-2004-1621
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote malicious users to execute arbitrary web script or HTML via square brackets at the beginning and end of (1)...
Ibm Lotus Domino 6.5.2
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.0
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.3
1 EDB exploit
5
CVSSv2
CVE-2005-1441
Format string vulnerability in Lotus Domino 6.0.x prior to 6.0.5 and 6.5.x prior to 6.5.4 allows remote malicious users to cause a denial of service via the Notes protocol (NRPC).
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.5.3
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.0.3
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 6.5.0
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.2
7.2
CVSSv2
CVE-2006-5818
Multiple buffer overflows in tunekrnl in IBM Lotus Domino 6.x prior to 6.5.5 FP2 and 7.x prior to 7.0.2 allow local users to gain privileges and execute arbitrary code via unspecified vectors.
Ibm Lotus Domino 6.0.3
Ibm Lotus Domino 6.0.4
Ibm Lotus Domino 6.5.4
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.5.3
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.2
Ibm Lotus Domino
Ibm Lotus Domino 6.0.5
Ibm Lotus Domino 6.5
Ibm Lotus Domino 6.5.5
Ibm Lotus Domino 7.0
5
CVSSv2
CVE-2005-2428
Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote malicious users to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTP...
Ibm Lotus Domino 5.0
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.5
2 EDB exploits
1 Github repository
7.8
CVSSv2
CVE-2005-2712
The LDAP server (nldap.exe) in IBM Lotus Domino prior to 7.0.1, 6.5.5, and 6.5.4 FP2 allows remote malicious users to cause a denial of service (crash) via a long bind request, which triggers a null dereference.
Ibm Lotus Domino 6.0.2.1
Ibm Lotus Domino 6.0.2.2
Ibm Lotus Domino 6.5.3
Ibm Lotus Domino 6.5.3.1
Ibm Lotus Domino 6.0
Ibm Lotus Domino 6.0.3
Ibm Lotus Domino 6.0.4
Ibm Lotus Domino 6.5.4
Ibm Lotus Domino 7.0
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.1.1
Ibm Lotus Domino 6.0.5
Ibm Lotus Domino 6.5
Ibm Lotus Domino 6.0.1.2
Ibm Lotus Domino 6.0.1.3
Ibm Lotus Domino 6.5.1
Ibm Lotus Domino 6.5.2
Ibm Lotus Domino 6.5.2.1
7.1
CVSSv2
CVE-2007-0977
IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428.
Ibm Lotus Domino 5.0
Ibm Lotus Domino 6.0
1 EDB exploit
1 Github repository
4.3
CVSSv2
CVE-2008-7253
The default configuration of the web server in IBM Lotus Domino Server, possibly 6.0 up to and including 8.0, enables the HTTP TRACE method, which makes it easier for remote malicious users to steal cookies and authentication credentials via a cross-site tracing (XST) attack, a r...
Ibm Lotus Domino Server 6.0
Ibm Lotus Domino Server 8.0
Ibm Lotus Domino Server 7.0
Ibm Lotus Domino Server 6.5
10
CVSSv2
CVE-2011-0914
Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino prior to 8.5.3 allows remote malicious users to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.
Ibm Lotus Domino 6.0
Ibm Lotus Domino 5.0.9a
Ibm Lotus Domino 6.0.2.1
Ibm Lotus Domino 6.0.4
Ibm Lotus Domino 5.0.1
Ibm Lotus Domino 5.0.10
Ibm Lotus Domino 5.0.6
Ibm Lotus Domino 5.0.6a
Ibm Lotus Domino 6.5.4
Ibm Lotus Domino 6.5.3
Ibm Lotus Domino 6.0.1.2
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.0.5
Ibm Lotus Domino 4.6.3
Ibm Lotus Domino 5.0.3
Ibm Lotus Domino 5.0.4
Ibm Lotus Domino 6.5.2
Ibm Lotus Domino 6.5.2.1
Ibm Lotus Domino 6.5.4.3
Ibm Lotus Domino 6.5.4.1
Ibm Lotus Domino 7.0.2
Ibm Lotus Domino 7.0.2.1
10
CVSSv2
CVE-2011-0913
Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino prior to 8.5.3 allows remote malicious users to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache.
Ibm Lotus Domino 5.0.9
Ibm Lotus Domino 6.0.2 Cf2
Ibm Lotus Domino 6.0.2
Ibm Lotus Domino 4.6.3
Ibm Lotus Domino 4.6.4
Ibm Lotus Domino 5.0.4
Ibm Lotus Domino 5.0.4a
Ibm Lotus Domino 6.5.2.1
Ibm Lotus Domino 6.5.0
Ibm Lotus Domino 6.5.4.1
Ibm Lotus Domino 4.6.1
Ibm Lotus Domino 7.0.2.1
Ibm Lotus Domino 7.0.2.2
Ibm Lotus Domino 7.0.2.3
Ibm Lotus Domino 8.0.2
Ibm Lotus Domino 8.0.2.1
Ibm Lotus Domino 8.5.1.1
Ibm Lotus Domino 8.5.1.2
Ibm Lotus Domino 5.0.9a
Ibm Lotus Domino 6.0.1.1
Ibm Lotus Domino 6.0.1
Ibm Lotus Domino 6.0.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »