CVE Tools

lotus

Enterprise Softwarecommercial

28

Cumulative CVEs

15

Monthly snapshots

#2

Peak rank

Top products

domino mail server1

Latest CVEs

The 15 most recently published vulnerabilities affecting lotus.

CVE-2003-1408Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot.5.0Oct 20, 2007
CVE-2002-2191Lotus Domino 5.0.9a and earlier, even when configured with the 'DominoNoBanner=1' option, allows remote attackers to obtain potential sensitive information such as the version via a request for a n...5.0Nov 16, 2005
CVE-2001-1445Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands.7.5Apr 21, 2005
CVE-2000-1203Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), whic...5.0Sep 1, 2004
CVE-2002-1010Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypas...7.5Aug 31, 2002
CVE-2001-0939Lotus Domino 5.08 and earlier allows remote attackers to cause a denial of service (crash) via a SunRPC NULL command to port 443.5.0Jun 25, 2002
CVE-2001-1161Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute script on other web clients via a URL that ends in Javascript, which generates an error message tha...7.5Jun 25, 2002
CVE-2002-0408htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates...5.0Jun 11, 2002
CVE-2002-0407htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote attackers to determine the physical pathname for the server via requests that contain certain MS-DOS device names such as com5, ...5.0Jun 11, 2002
CVE-2002-0245Lotus Domino server 5.0.8 with NoBanner enabled allows remote attackers to (1) determine the physical path of the server via a request for a nonexistent file with a .pl (Perl) extension, which leak...7.5May 3, 2002
CVE-2001-0954Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remote attackers to cause a denial of service (block access to databases that have not been previously accessed) via a URL that inc...5.0Mar 9, 2002
CVE-2001-0846Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf).10.0Mar 9, 2002
CVE-2002-0087bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files.2.1Mar 7, 2002
CVE-2001-1018Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the server when NAT is enabled via a GET request that contains a long sequence of / (slash) characters.5.0Feb 2, 2002
CVE-2001-0847Lotus Domino Web Server 5.x allows remote attackers to gain sensitive information by accessing the default navigator $defaultNav via (1) URL encoding the request, or (2) directly requesting the Rep...7.5Nov 22, 2001