fkie_cve-2003-0123
Vulnerability from fkie_nvd
Published
2003-03-18 05:00
Modified
2024-11-20 23:44
Severity ?
Summary
Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | lotus_domino | 4.6.1 | |
| ibm | lotus_domino | 4.6.3 | |
| ibm | lotus_domino | 4.6.4 | |
| ibm | lotus_domino | 5.0 | |
| ibm | lotus_domino | 5.0.1 | |
| ibm | lotus_domino | 5.0.2 | |
| ibm | lotus_domino | 5.0.3 | |
| ibm | lotus_domino | 5.0.4 | |
| ibm | lotus_domino | 5.0.4a | |
| ibm | lotus_domino | 5.0.5 | |
| ibm | lotus_domino | 5.0.6 | |
| ibm | lotus_domino | 5.0.6a | |
| ibm | lotus_domino | 5.0.7 | |
| ibm | lotus_domino | 5.0.7a | |
| ibm | lotus_domino | 5.0.8 | |
| ibm | lotus_domino | 5.0.8a | |
| ibm | lotus_domino | 5.0.9 | |
| ibm | lotus_domino | 5.0.9a | |
| ibm | lotus_domino | 5.0.10 | |
| ibm | lotus_domino | 5.0.11 | |
| ibm | lotus_notes_client | 5.0 | |
| ibm | lotus_notes_client | 5.0.1 | |
| ibm | lotus_notes_client | 5.0.2 | |
| ibm | lotus_notes_client | 5.0.3 | |
| ibm | lotus_notes_client | 5.0.4 | |
| ibm | lotus_notes_client | 5.0.5 | |
| ibm | lotus_notes_client | 5.0.9a | |
| ibm | lotus_notes_client | 5.0.10 | |
| ibm | lotus_notes_client | 5.0.11 | |
| ibm | lotus_notes_client | r5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "51C33E15-C92F-4F22-9593-EFFE9F033730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5C91500D-E91E-4776-9F51-34E7EBB8F031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:4.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F5441972-4038-4845-9B35-EF35C0053EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3264F8E8-C40A-4C5C-BF2C-BD4690FE7EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF9513C4-3F02-4C32-AD91-C4A5941A5A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E570AFE6-CEAF-4F6F-81D3-CFFAAA8D5109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CF6B527E-B1FE-41A3-A274-7BE2E893E6AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "92B419CE-813B-42AA-9E06-2059F7DEE669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "197E7E1C-D545-46FB-890F-B92AB9DA2B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "986B8670-2341-474D-8477-47627DF1ED02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "908E6F9A-FCE7-48C2-A307-057536944313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "400521B9-F617-44A5-AF59-3D8DAE78067A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "00D21AF1-5802-41DA-8812-43B251D55CE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "78DCE051-78E2-4F35-9598-98C19110ECE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A80A1E8B-43C8-449F-9B16-01F30D23E3D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E9D813-6EDD-48A0-9A2D-E08207F25AB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F49E352F-35C5-4C9A-9B3D-C8C6FC128B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.9a:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2A846C-20EC-41A6-BF4C-8FB84C45CEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0761E0-E899-413E-97CF-23BDA9395B15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8471D114-204C-4B44-B0BE-C86226D8A5A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16FA46F1-4A78-4091-8498-8D4C4F946A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF03B36-AEE4-4A40-B7B6-4EAB2552C1E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6FD2E2-5454-4054-9482-93D698AA1840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E2E4D7A-ACD2-482D-B3E4-FFEA47040E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B0D185EB-F565-4D06-949F-27B44267E2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "006538A8-3D1F-405F-A493-A2DF0693D190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.9a:*:*:*:*:*:*:*",
"matchCriteriaId": "386C3C61-940D-4DCA-BB08-D47924759DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F7987AAB-0035-4BFB-A4E9-E56D19BB7774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3306F4C6-1D42-47A9-9286-F05F15DC971F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_client:r5:*:*:*:*:*:*:*",
"matchCriteriaId": "49557BEE-0FED-4F45-89C3-5DCBD2C7851D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el cliente Web Retriever de Lotus Notes/Domino R4.5 a R.6 permite a servidores web remotos maliciosos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante una l\u00ednea de estado HTTP larga."
}
],
"id": "CVE-2003-0123",
"lastModified": "2024-11-20T23:44:00.777",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104757545500368\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105060"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/411489"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "http://www.rapid7.com/advisories/R7-0011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/7038"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104757545500368\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-1.ibm.com/support/docview.wss?rs=482\u0026q=Domino\u0026uid=swg21105060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ciac.org/ciac/bulletins/n-065.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/411489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://www.rapid7.com/advisories/R7-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/7038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11525"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.