PT-2003-1383 · Ibm · Lotus Notes

Published

2003-03-18

Updated

2017-12-12

CVE-2003-0122

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Lotus Notes versions prior to R4 Lotus Notes R5 versions prior to 5.0.11 Lotus Notes R6 versions (early releases)

Description The issue allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field.

Recommendations For Lotus Notes versions prior to R4, update to R4 or later. For Lotus Notes R5 versions prior to 5.0.11, update to 5.0.11 or later. For early releases of Lotus Notes R6, update to a later release of R6.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0122

Affected Products

Lotus Notes

PT-2003-1383 · Ibm · Lotus Notes

CVE-2003-0122

Related Identifiers

Affected Products

References · 11