Buffer Overflow Vulnerability in Lotus Notes by IBM
CVE-2003-0122

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes Client; Lotus Domino
Vendor: CVE Published:; 18 March 2003

Summary

A buffer overflow vulnerability exists in IBM's Lotus Notes servers prior to version 5.0.11 for R5 and early versions of R6. This vulnerability can be exploited by remote attackers via a crafted distinguished name (DN) during the NotesRPC authentication process, potentially allowing them to execute arbitrary code. By manipulating the DN field in such a manner that its length exceeds the allocated buffer, attackers can gain unauthorized access and control over affected systems, which raises significant security concerns for organizations relying on Lotus Notes.

References

http://www.cert.org/advisories/CA-2003-11.html

third-party-advisoryx_refsource_CERT

http://www.ciac.org/ciac/bulletins/n-065.shtml

third-party-advisorygovernment-resourcex_refsource_CIAC

https://exchange.xforce.ibmcloud.com/vulnerabilities/11526

vdb-entryx_refsource_XF

EPSS Score

26% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 18, 2003
Vulnerability Reserved
Mar 10, 2003