CVE-2006-0120

3 documents3 sources

Severity

5.0MEDIUM

EPSS

3.4%

top 12.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Lotus Domino IBM Lotus Domino Enterprise Server IBM Lotus Notes

Timeline

PublishedJan 9

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an "Out Of Office" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3) malformed bitmap images (MYAA6FH5HW), (4) the "Delete Attachment" action (YPHG6844LD), (5) parsing certificates from a remote Certificate Table (AELE6DZFJW), and (6) creating a SSL key ring with the …

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶NVDibm/lotus_domino_enterprise_server6.5.2, 6.5.4+1

▶NVDibm/lotus_domino5 versions+4

▶NVDibm/lotus_notes5 versions+4

Patches

Patch: secunia.com ↗Patch: www.securityfocus.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-74qm-66r3-mxx7: Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6↗2022-05-01

▶

CVEList

CVE-2006-0120: Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6↗2006-01-09

▶