CVE-2006-0121

Multiple memory leaks in IBM Lotus Notes and Domino Server before 6.5.5 allow attackers to cause a denial of service (memory consumption and crash) via unknown vectors related to (1) unspecified vectors during the SSL handshake (SPR# MKIN67MQVW), (2) the stash file during the SSL handshake (SPR# MKIN693QUT), and possibly other vectors. NOTE: due to insufficient information in the original vendor advisory, it is not clear whether there is an attacker role in other memory leaks that are specified in the advisory.

Published: Jan 9, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-0121
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ibm / lotus_domino	6.5.4	6.5.4.x
ibm / lotus_notes	6.5.2	6.5.2.x
ibm / lotus_domino_enterprise_server	6.5.4	6.5.4.x
ibm / lotus_domino	6.5.2	6.5.2.x
ibm / lotus_domino	6.5.1	6.5.1.x
ibm / lotus_notes	6.5.4	6.5.4.x
ibm / lotus_domino	6.5.0	6.5.0.x
ibm / lotus_notes	6.5.1	6.5.1.x
ibm / lotus_notes	6.5	6.5.x
ibm / lotus_domino	6.5.3	6.5.3.x
ibm / lotus_notes	6.5.3	6.5.3.x
ibm / lotus_domino_enterprise_server	6.5.2	6.5.2.x

Vulnerability Database

289,697

CVE-2006-0121