Vulnerability Description
Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed message sent to an "Out Of Office" agent (SPR LPEE6DMQWJ), (2) the compact command (RTIN5U2SAJ), (3) malformed bitmap images (MYAA6FH5HW), (4) the "Delete Attachment" action (YPHG6844LD), (5) parsing certificates from a remote Certificate Table (AELE6DZFJW), and (6) creating a SSL key ring with the Domino Administration client (NSUA4FQPTN).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Lotus Domino | 6.5.0 |
| Ibm | Lotus Domino Enterprise Server | 6.5.2 |
| Ibm | Lotus Notes | 6.5 |
References
- http://secunia.com/advisories/18328PatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg27007054
- http://www-10.lotus.com/ldd/r5fixlist.nsf/5c087391999d06e7852569280062619d/25839
- http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/04048
- http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/2bb4f
- http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/4118a
- http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/5f166
- http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ad0dd
- http://www-10.lotus.com/ldd/r5fixlist.nsf/e7dbb5aee9a94c56852570c90056a95d/ced5f
- http://www.securityfocus.com/bid/16158Patch
- http://www.vupen.com/english/advisories/2006/0081
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24212
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24213
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24214
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24215
FAQ
What is CVE-2006-0120?
CVE-2006-0120 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (application crash) via multiple vectors, involving (1) a malformed ...
How severe is CVE-2006-0120?
CVE-2006-0120 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0120?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Domino, Ibm Lotus Domino Enterprise Server, Ibm Lotus Notes.