7.6
CVE-2010-0919
- EPSS 5.73%
- Veröffentlicht 03.03.2010 19:30:00
- Zuletzt bearbeitet 16.06.2026 23:17:08
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Domino Web Access Version6.5
Ibm ≫ Domino Web Access Version7.0
Ibm ≫ Domino Web Access Version7.0.1
Ibm ≫ Domino Web Access Version7.0.2
Ibm ≫ Domino Web Access Version7.0.3
Ibm ≫ Domino Web Access Version8.0
Ibm ≫ Domino Web Access Version8.0.2
Ibm ≫ Lotus Inotes Version <= 229.271
Ibm ≫ Lotus Inotes Version229.011
Ibm ≫ Lotus Inotes Version229.021
Ibm ≫ Lotus Inotes Version229.031
Ibm ≫ Lotus Inotes Version229.041
Ibm ≫ Lotus Inotes Version229.051
Ibm ≫ Lotus Inotes Version229.061
Ibm ≫ Lotus Inotes Version229.101
Ibm ≫ Lotus Inotes Version229.111
Ibm ≫ Lotus Inotes Version229.131
Ibm ≫ Lotus Inotes Version229.141
Ibm ≫ Lotus Inotes Version229.151
Ibm ≫ Lotus Inotes Version229.161
Ibm ≫ Lotus Inotes Version229.171
Ibm ≫ Lotus Inotes Version229.181
Ibm ≫ Lotus Inotes Version229.191
Ibm ≫ Lotus Inotes Version229.201
Ibm ≫ Lotus Inotes Version229.211
Ibm ≫ Lotus Inotes Version229.221
Ibm ≫ Lotus Inotes Version229.231
Ibm ≫ Lotus Inotes Version229.241
Ibm ≫ Lotus Inotes Version229.251
Ibm ≫ Lotus Inotes Version229.261
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.73% | 0.921 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.6 | 4.9 | 10 |
AV:N/AC:H/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://www-01.ibm.com/support/docview.wss?uid=swg27018109
http://www.securityfocus.com/bid/38459
http://www.vupen.com/english/advisories/2010/0496
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857
http://secunia.com/advisories/38681
http://secunia.com/advisories/38744
http://secunia.com/advisories/38755
http://securitytracker.com/id?1023662
http://www-01.ibm.com/support/docview.wss?uid=swg21421808
http://www.osvdb.org/62612
http://www.securityfocus.com/bid/38457
http://www.vupen.com/english/advisories/2010/0495
https://exchange.xforce.ibmcloud.com/vulnerabilities/56555