CVE-2003-0123 — Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM Lotus Domino

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

4.1%

top 11.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Lotus Domino IBM Lotus Notes Client

Timeline

PublishedMar 18

Latest updateApr 29

Description

Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/lotus_notes_client10 versions+9

▶NVDibm/lotus_domino20 versions+19

Patches

Patch: www-1.ibm.com ↗Patch: www-1.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-c58p-f5rx-553c: Buffer overflow in Web Retriever client for Lotus Notes/Domino R4↗2022-04-29

▶

CVEList

CVE-2003-0123: Buffer overflow in Web Retriever client for Lotus Notes/Domino R4↗2004-09-01

▶