Format String Vulnerabilities in Lotus Domino R5 by IBM
CVE-2001-1312

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Domino R5
Vendor: CVE Published:; 16 July 2001

Summary

Lotus Domino R5, prior to version R5.0.7a, contains a format string vulnerability that can be exploited by remote attackers. This vulnerability may lead to denial of service by crashing the application and poses a risk of arbitrary code execution, as illustrated by the PROTOS LDAPv3 test suite. Organizations using affected versions of Lotus Domino R5 are advised to implement security patches and follow best practices to mitigate the risk.

References

http://www.notes.net/r5fixlist.nsf/Search%21SearchView&Qu...

x_refsource_CONFIRM

http://www.cert.org/advisories/CA-2001-18.html

third-party-advisoryx_refsource_CERT

http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/l...

x_refsource_MISC

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
May 1, 2002
Vulnerability published
Jul 16, 2001