U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 30 matching records.
Displaying matches 21 through 30.
Vuln ID Summary CVSS Severity
CVE-2011-0917

Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code via a long string in an LDAP Bind operation, aka SPR KLYH87LMVX.

Published: February 08, 2011; 5:00:02 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2011-0916

Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message, aka SPR KLYH889M8H.

Published: February 08, 2011; 5:00:02 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2011-0915

Stack-based buffer overflow in nrouter.exe in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a long name parameter in a Content-Type header in a malformed Notes calendar (aka iCalendar or iCal) meeting request, aka SPR KLYH87LL23.

Published: February 08, 2011; 5:00:02 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2011-0914

Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.

Published: February 08, 2011; 5:00:02 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2011-0913

Stack-based buffer overflow in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP getEnvironmentString request, related to the local variable cache.

Published: February 08, 2011; 5:00:02 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-3407

Stack-based buffer overflow in the MailCheck821Address function in nnotes.dll in the nrouter.exe service in the server in IBM Lotus Domino 8.0.x before 8.0.2 FP5 and 8.5.x before 8.5.1 FP2 allows remote attackers to execute arbitrary code via a long e-mail address in an ORGANIZER:mailto header in an iCalendar calendar-invitation e-mail message, aka SPR NRBY7ZPJ9V.

Published: September 16, 2010; 5:00:02 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-0276

IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the "Try Lotus iNotes anyway" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU.

Published: January 09, 2010; 1:30:01 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-0275

Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58.

Published: January 09, 2010; 1:30:01 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-0274

Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 has unknown impact and attack vectors, aka SPR LSHR7TBLY5.

Published: January 09, 2010; 1:30:01 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2008-5011

Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to qpconfig_sample.xml, aka SPR CWIR7KMPVP and THES7F9NVR, a different vulnerability than CVE-2008-2163 and CVE-2008-3860.

Published: November 10, 2008; 10:23:24 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM