Search Results (31 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2003-1408 1 Lotus 1 Domino Server 2026-04-16 N/A
Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot.
CVE-2000-1046 1 Lotus 1 Domino 2026-04-16 N/A
Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands.
CVE-2000-1203 1 Lotus 1 Domino 2026-04-16 N/A
Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop.
CVE-2001-0260 1 Lotus 1 Domino Mail Server 2026-04-16 N/A
Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command.
CVE-2001-0939 1 Lotus 1 Domino 2026-04-16 N/A
Lotus Domino 5.08 and earlier allows remote attackers to cause a denial of service (crash) via a SunRPC NULL command to port 443.
CVE-2001-1161 1 Lotus 1 Domino R5 Server 2026-04-16 N/A
Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message that does not quote the resulting script.
CVE-2002-0245 1 Lotus 1 Domino 2026-04-16 N/A
Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leaks the pathname in the error message, or (2) make any request that causes an HTTP 500 error, which leaks the server's version name in the HTTP error message.
CVE-2002-2191 1 Lotus 1 Domino 2026-04-16 N/A
Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a non-existent .nsf database, which leaks the version in the HTTP banner.
CVE-2000-0021 1 Lotus 1 Domino Server 2026-04-16 N/A
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.
CVE-2000-0022 1 Lotus 1 Domino Server 2026-04-16 N/A
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
CVE-2000-0452 1 Lotus 2 Domino Enterprise Server, Domino Mail Server 2026-04-16 N/A
Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command.
CVE-2002-0407 1 Lotus 1 Domino 2026-04-16 N/A
htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote attackers to determine the physical pathname for the server via requests that contain certain MS-DOS device names such as com5, such as (1) a request with a .pl or .java extension, or (2) a request containing a large number of periods, which causes htcgibin.exe to leak the pathname in an error message.
CVE-2002-0408 1 Lotus 1 Domino 2026-04-16 N/A
htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard-coded error message.
CVE-2000-1047 1 Lotus 2 Domino Enterprise Server, Domino Mail Server 2026-04-16 N/A
Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command.
CVE-2001-0009 1 Lotus 1 Domino Server 2026-04-16 N/A
Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack.
CVE-2001-0600 1 Lotus 1 Domino R5 Server 2026-04-16 N/A
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated URL requests with the same HTTP headers, such as (1) Accept, (2) Accept-Charset, (3) Accept-Encoding, (4) Accept-Language, and (5) Content-Type.
CVE-2001-0601 1 Lotus 1 Domino R5 Server 2026-04-16 N/A
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via HTTP requests containing certain combinations of UNICODE characters.
CVE-2001-0602 1 Lotus 1 Domino R5 Server 2026-04-16 N/A
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated (>400) URL requests for DOS devices.
CVE-2001-0603 1 Lotus 1 Domino R5 Server 2026-04-16 N/A
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeatedly sending large (> 10Kb) amounts of data to the DIIOP - CORBA service on TCP port 63148.
CVE-2001-0604 1 Lotus 1 Domino R5 Server 2026-04-16 N/A
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via URL requests (>8Kb) containing a large number of '/' characters.