CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2008-2240

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1500%
EPSS Percentile2.73th
Published2008年5月22日
Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header.

Affected Platforms (CPE)

📦
Ibm

Lotus Domino

= 6.0
📦
Ibm

Lotus Domino

= 6.5
📦
Ibm

Lotus Domino

= 7.0
📦
Ibm

Lotus Domino

= 8.0
📦
Ibm

Lotus Domino

= 8.0.1

References & Advisories

🔗 http://secunia.com/advisories/30310
🔗 http://secunia.com/advisories/30332
🔗 http://www-1.ibm.com/support/docview.wss?uid=swg21303057
🔗 http://www.attrition.org/pipermail/vim/2008-May/001988.html
🔗 http://www.attrition.org/pipermail/vim/2008-May/001989.html
🔗 http://www.mwrinfosecurity.com/publications/mwri_ibm-lotus-domino-accept-language-stack-overflow_2008-05-20.pdf
🔗 http://www.securityfocus.com/bid/29310
🔗 http://www.securitytracker.com/id?1020098

相關漏洞威脅

CVE-2000-104710.0

Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibl...

CVE-2001-013010.0

Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers t...

CVE-2000-104610.0

Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of serv...

CVE-2001-084610.0

Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administra...