Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Lotus Domino  >> 8.0.2.2  Security Vulnerabilities
CVE-2011-0916
Stack-based buffer overflow in the SMTP service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long arguments in a filename parameter in a malformed MIME e-mail message, aka SPR KLYH889M8H.
CVSS Score
10.0
EPSS Score
0.106
Published
2011-02-08
CVE-2011-0917
Buffer overflow in nLDAP.exe in IBM Lotus Domino allows remote attackers to execute arbitrary code via a long string in an LDAP Bind operation, aka SPR KLYH87LMVX.
CVSS Score
10.0
EPSS Score
0.21
Published
2011-02-08
CVE-2011-0918
Stack-based buffer overflow in the NRouter (aka Router) service in IBM Lotus Domino allows remote attackers to execute arbitrary code via long filenames associated with Content-ID and ATTACH:CID headers in attachments in malformed calendar-request e-mail messages, aka SPR KLYH87LKRE.
CVSS Score
10.0
EPSS Score
0.106
Published
2011-02-08
CVE-2011-0919
Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP services in IBM Lotus Domino allow remote attackers to execute arbitrary code via non-printable characters in an envelope sender address, aka SPR KLYH87LLVJ.
CVSS Score
10.0
EPSS Score
0.124
Published
2011-02-08
CVE-2011-0920
The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via unspecified vectors, aka SPR PRAD89WGRS.
CVSS Score
9.3
EPSS Score
0.039
Published
2011-02-08
CVE-2010-3407
Stack-based buffer overflow in the MailCheck821Address function in nnotes.dll in the nrouter.exe service in the server in IBM Lotus Domino 8.0.x before 8.0.2 FP5 and 8.5.x before 8.5.1 FP2 allows remote attackers to execute arbitrary code via a long e-mail address in an ORGANIZER:mailto header in an iCalendar calendar-invitation e-mail message, aka SPR NRBY7ZPJ9V.
CVSS Score
9.3
EPSS Score
0.777
Published
2010-09-16
CVE-2008-5011
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to qpconfig_sample.xml, aka SPR CWIR7KMPVP and THES7F9NVR, a different vulnerability than CVE-2008-2163 and CVE-2008-3860.
CVSS Score
4.3
EPSS Score
0.004
Published
2008-11-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved