Description
Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.
Product(s):
- IBM Lotus Domino 4.6.1
- IBM Lotus Domino 4.6.3
- IBM Lotus Domino 4.6.4
- IBM Lotus Domino 5.0.10
- IBM Lotus Domino 5.0.11
- IBM Lotus Domino 5.0.1
- IBM Lotus Domino 5.0.2
- IBM Lotus Domino 5.0.3
- IBM Lotus Domino 5.0.4
- IBM Lotus Domino 5.0.4a
- IBM Lotus Domino 5.0.5
- IBM Lotus Domino 5.0.6
- IBM Lotus Domino 5.0.6a
- IBM Lotus Domino 5.0.7
- IBM Lotus Domino 5.0.7a
- IBM Lotus Domino 5.0.8
- IBM Lotus Domino 5.0.8a
- IBM Lotus Domino 5.0.9
- IBM Lotus Domino 5.0.9a
- IBM Lotus Domino 5.0
- IBM Lotus Notes Client 5.0.10
- IBM Lotus Notes Client 5.0.11
- IBM Lotus Notes Client 5.0.1
- IBM Lotus Notes Client 5.0.2
- IBM Lotus Notes Client 5.0.3
- IBM Lotus Notes Client 5.0.4
- IBM Lotus Notes Client 5.0.5
- IBM Lotus Notes Client 5.0.9a
- IBM Lotus Notes Client 5.0
- IBM Lotus Notes Client R5
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2003-0123, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2003-0123 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.