Filtered by vendor Lotus Subscriptions
Total 31 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2001-0260 1 Lotus 1 Domino Mail Server 2024-08-08 N/A
Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command.
CVE-2001-0009 1 Lotus 1 Domino Server 2024-08-08 N/A
Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack.
CVE-2001-0130 1 Lotus 2 Domino R5 Client, Domino R5 Server 2024-08-08 N/A
Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier.
CVE-2002-1010 1 Lotus 1 Domino R4 2024-08-08 N/A
Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers.
CVE-2002-0407 1 Lotus 1 Domino 2024-08-08 N/A
htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote attackers to determine the physical pathname for the server via requests that contain certain MS-DOS device names such as com5, such as (1) a request with a .pl or .java extension, or (2) a request containing a large number of periods, which causes htcgibin.exe to leak the pathname in an error message.
CVE-2002-0408 1 Lotus 1 Domino 2024-08-08 N/A
htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message.
CVE-2002-0245 1 Lotus 1 Domino 2024-08-08 N/A
Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leaks the pathname in the error message, or (2) make any request that causes an HTTP 500 error, which leaks the server's version name in the HTTP error message.
CVE-2002-0087 1 Lotus 1 Domino 2024-08-08 N/A
bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files.
CVE-2003-1408 1 Lotus 1 Domino Server 2024-08-08 N/A
Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot.
CVE-2011-0290 3 Lotus, Microsoft, Rim 3 Domino, Exchange Server, Blackberry Enterprise Server 2024-08-06 N/A
The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors.
CVE-1999-1012 1 Lotus 1 Domino 2024-08-01 N/A
SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string.