Vulnerability CVE-2006-0119
Published: 2006-01-09   Modified: 2012-02-12

Description:
Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to "potential security issues" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4) GPKS5YQGPT in Security, or (5) HSAO6BNL6Y in the Web Server. NOTE: vector 3 is related to an issue in NROUTER in IBM Lotus Notes and Domino Server before 6.5.4 FP1, 6.5.5, and 7.0, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted vCal meeting request sent via SMTP (aka SPR# KSPR699NBP).

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
IBM -> Lotus domino 
IBM -> Lotus domino enterprise server 
IBM -> Lotus notes 

 References:
http://securitytracker.com/id?1016390
http://www-1.ibm.com/support/docview.wss?uid=swg27007054
http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77eb898843aca8525709200001de1?OpenDocument&Highlight=0,JGAN6B6TZ3
http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a1650d1a771f3078525702a00420def?OpenDocument&Highlight=0,HSAO6BNL6Y
http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150fc9c5dec8b18525709200001da6?OpenDocument&Highlight=0,GPKS6C9J67
http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab57a5b9547848525701b00420c2c?OpenDocument&Highlight=0,KSPR699NBP
http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb1cbb011c747852570e4001ba9bb?OpenDocument&Highlight=0,GPKS5YQGPT
http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe7cfd9a8113b8525709200001db4?OpenDocument&Highlight=0,GPKS6C9J67
http://www.securityfocus.com/archive/1/438461/100/0/threaded
http://www.securityfocus.com/bid/16158
http://www.securityfocus.com/bid/18020
http://www.vupen.com/english/advisories/2006/0081
http://www.vupen.com/english/advisories/2006/2564
https://exchange.xforce.ibmcloud.com/vulnerabilities/24207
https://exchange.xforce.ibmcloud.com/vulnerabilities/24211
https://exchange.xforce.ibmcloud.com/vulnerabilities/27413
Copyright 2024, cxsecurity.com

 

Back to Top