CVE-2005-0986

Published: May 2, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

NLSCCSTR.DLL in the web service in IBM Lotus Domino Server 6.5.1, 6.0.3, and possibly other versions allows remote attackers to cause a denial of service (deep recursion and nHTTP.exe process crash) via a long GET request containing UNICODE decimal value 430 characters, which causes the stack to be exhausted. NOTE: IBM has reported that it is unable to replicate this issue.

Affected (2)

Products: Ibm: Lotus Domino Server

1 product

Lotus Domino Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Lotus Domino Server	Version 6.0.3
Ibm Lotus Domino Server	Version 6.5.1

References (10)

http://news.zdnet.co.uk/software/applications/0%2C39020384%2C39194293%2C00.htm

Source: cve@mitre.org

http://secunia.com/advisories/14858

Source: cve@mitre.org

Vendor Advisory

http://www-1.ibm.com/support/docview.wss?uid=swg21202446

Source: cve@mitre.org

Vendor Advisory

http://www.idefense.com/application/poi/display?id=224&type=vulnerabilities

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2005/0322

Source: cve@mitre.org

http://news.zdnet.co.uk/software/applications/0%2C39020384%2C39194293%2C00.htm

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/14858

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www-1.ibm.com/support/docview.wss?uid=swg21202446

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.idefense.com/application/poi/display?id=224&type=vulnerabilities

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2005/0322

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.