CVE-2003-0179: Buffer Overflow
First published: Sat Mar 29 2003(Updated: )
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Lotus Domino | =6.0 | |
| IBM Lotus Domino R5 Client | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.kb.cert.org/vuls/id/571297
- http://www.securityfocus.com/bid/6872
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html
- http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt
- http://www-1.ibm.com/support/docview.wss?uid=swg21104543
- http://www.cert.org/advisories/CA-2003-11.html
- http://www.ciac.org/ciac/bulletins/n-065.shtml
- http://marc.info/?l=bugtraq&m=104550335103136&w=2
- http://marc.info/?l=ntbugtraq&m=104558778331387&w=2
- http://marc.info/?l=bugtraq&m=104550124032513&w=2
- http://marc.info/?l=ntbugtraq&m=104558778131373&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11339
Frequently Asked Questions
What is the severity of CVE-2003-0179?
CVE-2003-0179 is considered a critical severity vulnerability that can lead to arbitrary code execution.
How do I fix CVE-2003-0179?
To mitigate CVE-2003-0179, upgrade to a later version of Lotus Domino or Lotus Notes that has patched this buffer overflow flaw.
Who is affected by CVE-2003-0179?
CVE-2003-0179 primarily affects users of Lotus Domino 6.0.1 and earlier versions, including the Lotus Notes Client.
What type of vulnerability is CVE-2003-0179?
CVE-2003-0179 is a buffer overflow vulnerability related to the COM Object Control Handler.
Can CVE-2003-0179 be exploited remotely?
Yes, CVE-2003-0179 can be exploited remotely through various attack vectors such as the InitializeUsingNotesUserName method.
- agent/references
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/ibm
- canonical/ibm lotus domino
- version/ibm lotus domino/6.0
- canonical/ibm lotus domino r5 client
- version/ibm lotus domino r5 client/6.0