CyberSec.Space Logo
Back to CVE Browser

CVE-2008-2240

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1500%
EPSS Percentile2.73th
PublishedMay 22, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header.

Affected Platforms (CPE)

πŸ“¦
Ibm

Lotus Domino

= 6.0
πŸ“¦
Ibm

Lotus Domino

= 6.5
πŸ“¦
Ibm

Lotus Domino

= 7.0
πŸ“¦
Ibm

Lotus Domino

= 8.0
πŸ“¦
Ibm

Lotus Domino

= 8.0.1

References & Advisories

πŸ”— http://secunia.com/advisories/30310
πŸ”— http://secunia.com/advisories/30332
πŸ”— http://www-1.ibm.com/support/docview.wss?uid=swg21303057
πŸ”— http://www.attrition.org/pipermail/vim/2008-May/001988.html
πŸ”— http://www.attrition.org/pipermail/vim/2008-May/001989.html
πŸ”— http://www.mwrinfosecurity.com/publications/mwri_ibm-lotus-domino-accept-language-stack-overflow_2008-05-20.pdf
πŸ”— http://www.securityfocus.com/bid/29310
πŸ”— http://www.securitytracker.com/id?1020098

Related Vulnerabilities

CVE-2000-104710.0

Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibl...

CVE-2001-013010.0

Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers t...

CVE-2000-104610.0

Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of serv...

CVE-2001-084610.0

Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administra...