Threat Encyclopedia

HTTP.Accept-Language.Header.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a buffer-overflow vulnerability in IBM Lotus Domino.
This vulnerability is caused by the Web Server service's inability to check user-supplied input. A remote attacker may send an HTTP request with an overly long "Accept-Language" header, causing the affected to server to crash or possibly execute arbitrary code.

affected-products-logoAffected Products

IBM Lotus Domino 7.0.3
IBM Lotus Domino 7.0
IBM Lotus Domino 6.5 .0
IBM Lotus Domino 6.0
IBM Lotus Domino 8.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply the patch from the vendor, or upgrade to a non-vulnerable version.
More information can be found at the following website:

CVE References

CVE-2006-0992 CVE-2008-2240