ID |
CVE-2003-0178
|
Summary |
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 10.0 (as of 11-07-2017 - 01:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
refmap
via4
|
bid | | bugtraq | - 20030217 Domino Advisories UPDATE
- 20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)
- 20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)
| cert | CA-2003-11 | cert-vn | - VU#206361
- VU#542873
- VU#772817
| ciac | N-065 | misc | | ntbugtraq | - 20030217 Domino Advisories UPDATE
- 20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)
- 20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)
| vulnwatch | - 20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a)
- 20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b)
- 20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c)
| xf | - lotus-domino-hostname-bo(11337)
- lotus-domino-inotes-bo(11336)
|
|
Last major update |
11-07-2017 - 01:29 |
Published |
02-04-2003 - 05:00 |
Last modified |
11-07-2017 - 01:29 |