Vulnerability Description
Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to "potential security issues" as identified by SPR numbers (1) GPKS6C9J67 in Agents, (2) JGAN6B6TZ3 and (3) KSPR699NBP in the Router, (4) GPKS5YQGPT in Security, or (5) HSAO6BNL6Y in the Web Server. NOTE: vector 3 is related to an issue in NROUTER in IBM Lotus Notes and Domino Server before 6.5.4 FP1, 6.5.5, and 7.0, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted vCal meeting request sent via SMTP (aka SPR# KSPR699NBP).
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Lotus Domino | 6.5.0 |
| Ibm | Lotus Domino Enterprise Server | 6.5.2 |
| Ibm | Lotus Notes | 6.5 |
References
- http://secunia.com/advisories/18328PatchVendor Advisory
- http://secunia.com/advisories/20855Vendor Advisory
- http://securitytracker.com/id?1016390
- http://www-1.ibm.com/support/docview.wss?uid=swg27007054
- http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/94a77
- http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/9a165
- http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/d1150
- http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/de2ab
- http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/e4deb
- http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/f97fe
- http://www.securityfocus.com/archive/1/438461/100/0/threaded
- http://www.securityfocus.com/bid/16158Patch
- http://www.securityfocus.com/bid/18020
- http://www.vupen.com/english/advisories/2006/0081Vendor Advisory
- http://www.vupen.com/english/advisories/2006/2564Vendor Advisory
FAQ
What is CVE-2006-0119?
CVE-2006-0119 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due to "potential security issues" as identified by SPR numbers (1) GPKS6...
How severe is CVE-2006-0119?
CVE-2006-0119 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0119?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Domino, Ibm Lotus Domino Enterprise Server, Ibm Lotus Notes.