Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2007-12-27 22:46

Modified

2024-11-21 00:35

Severity ?

Summary

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.

References

URL	Tags
cret@cert.org	http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059233.html	Exploit
cret@cert.org	http://osvdb.org/40954
cret@cert.org	http://secunia.com/advisories/28184	Vendor Advisory
cret@cert.org	http://www.kb.cert.org/vuls/id/963889	US Government Resource
cret@cert.org	http://www.securityfocus.com/bid/26972	Exploit
cret@cert.org	http://www.securitytracker.com/id?1019138
cret@cert.org	http://www.vupen.com/english/advisories/2007/4296
cret@cert.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/39175
cret@cert.org	https://www.exploit-db.com/exploits/4818
cret@cert.org	https://www.exploit-db.com/exploits/4820
cret@cert.org	https://www.exploit-db.com/exploits/5111
af854a3a-2127-422b-91ae-364da2661108	http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059233.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/40954
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28184	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/963889	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26972	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019138
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/4296
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/39175
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/4818
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/4820
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/5111

Impacted products

Vendor	Product	Version
ibm	domino_web_access	6.0
ibm	domino_web_access	6.0.1
ibm	domino_web_access	6.0.1.1
ibm	domino_web_access	6.0.2
ibm	domino_web_access	6.0.3
ibm	domino_web_access	6.0.4
ibm	domino_web_access	6.0.5
ibm	domino_web_access	6.5
ibm	domino_web_access	6.5.1
ibm	domino_web_access	6.5.2
ibm	domino_web_access	6.5.3
ibm	domino_web_access	6.5.4
ibm	domino_web_access	6.5.5
ibm	domino_web_access	7.0
ibm	domino_web_access	7.0.1
ibm	lotus_domino_web_access	7.0.1
ibm	lotus_domino_web_access	7.0.34.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44AA6D47-C1F7-463A-AED5-E3C253ADEF3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "179A1BBE-2FB2-449D-90B7-3DDD43794B58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "377006EB-EF18-4B5F-93DE-A4B91F7B6AF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1C12C7A-C820-468D-B619-A75060B8562B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "21D6D6BD-F80D-4EF3-9713-CBAB8CBD4CAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2CFB784-67BA-4FDF-9F36-50895BB0CA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D062046-56EA-420F-8CF4-4CC1616F20DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "220211F3-8AF4-419E-BB10-0E954F002DFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "95FC4EF7-9E76-4790-A35D-951CC3BA816F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "23E58595-AE0A-47AB-AC49-61C6B87B5504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F217AE30-EF90-4AED-815E-569AC29696ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B18ACE9-0DD2-486D-B034-B5598CDCA8AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD8968A-6164-41CB-85C8-B3EDAFD3D83F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4854AD77-45A0-45AB-B9DA-77FFB7531C5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A823BB-48B7-4F84-A01A-754987FDBD00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_access:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F46CAB34-95D7-4728-B29E-FE766DF257F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino_web_access:7.0.34.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "587CC055-433D-4086-B1E3-0A9DF12030A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basado en pila en el control ActiveX IBM Lotus Domino Web Access, proporcionado en inotes6.dll, inotes62.dll, dwa7.dll, y dwa7w.dll, en Domino 6.x y 7.x permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n, como se ha demostrado mediante un desbordamiento con un valor largo de la propiedad General_ServerName cuando se llama a la funci\u00f3n InstallBrowserHelperDll del m\u00f3dulo Upload en el control dwa7.dwa7.1 de dwa7w.dll 7.0.34.1."
    }
  ],
  "id": "CVE-2007-4474",
  "lastModified": "2024-11-21T00:35:40.977",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2007-12-27T22:46:00.000",
  "references": [
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059233.html"
    },
    {
      "source": "cret@cert.org",
      "url": "http://osvdb.org/40954"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28184"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/963889"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/26972"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id?1019138"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.vupen.com/english/advisories/2007/4296"
    },
    {
      "source": "cret@cert.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39175"
    },
    {
      "source": "cret@cert.org",
      "url": "https://www.exploit-db.com/exploits/4818"
    },
    {
      "source": "cret@cert.org",
      "url": "https://www.exploit-db.com/exploits/4820"
    },
    {
      "source": "cret@cert.org",
      "url": "https://www.exploit-db.com/exploits/5111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059233.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/40954"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28184"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/963889"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/26972"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019138"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/4296"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/4818"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/4820"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/5111"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-01-09 18:30

Modified

2024-11-21 01:11

Severity ?

Summary

IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the "Try Lotus iNotes anyway" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/38026	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27017776
cve@mitre.org	http://www.securityfocus.com/bid/37675
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0077	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/55473
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38026	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27017776
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/37675
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0077	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/55473

Impacted products

Vendor	Product	Version
ibm	domino_web_access	*
ibm	lotus_inotes	*
ibm	lotus_domino	8.0.2.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D53FB16-F441-48A4-A685-48257107EAC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52A641CD-F146-4732-8C4A-8DF6C230EE8F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the \"Try Lotus iNotes anyway\" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU."
    },
    {
      "lang": "es",
      "value": "IBM Lotus iNotes (tambi\u00e9n conocido como Domino Web Access o DWA) anterior a v229.241 para Domino v8.0.2 FP3 no maneja adecuadamente la navegaci\u00f3n del \"Try Lotus iNotes anyway\" enlace desde la p\u00e1gina que informa del uso de un navegador no soportado, tiene u impacto y vectores de ataque sin especificar, tambi\u00e9n conocido como SPR LSHR7TBMQU."
    }
  ],
  "id": "CVE-2010-0276",
  "lastModified": "2024-11-21T01:11:53.360",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-01-09T18:30:01.947",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38026"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/37675"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0077"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/37675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-03-03 19:30

Modified

2024-11-21 01:13

Severity ?

Summary

Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857
cve@mitre.org	http://secunia.com/advisories/38681	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/38744	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/38755	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1023662
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21421808	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27018109	Vendor Advisory
cve@mitre.org	http://www.osvdb.org/62612
cve@mitre.org	http://www.securityfocus.com/bid/38457
cve@mitre.org	http://www.securityfocus.com/bid/38459
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0495	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0496	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/56555
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38681	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38744	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38755	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1023662
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21421808	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27018109	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/62612
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38457
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38459
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0495	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0496	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/56555

Impacted products

Vendor	Product	Version
ibm	domino_web_access	6.5
ibm	domino_web_access	7.0
ibm	domino_web_access	7.0.1
ibm	domino_web_access	7.0.2
ibm	domino_web_access	7.0.3
ibm	domino_web_access	8.0
ibm	domino_web_access	8.0.2
ibm	lotus_inotes	*
ibm	lotus_inotes	229.011
ibm	lotus_inotes	229.021
ibm	lotus_inotes	229.031
ibm	lotus_inotes	229.041
ibm	lotus_inotes	229.051
ibm	lotus_inotes	229.061
ibm	lotus_inotes	229.101
ibm	lotus_inotes	229.111
ibm	lotus_inotes	229.131
ibm	lotus_inotes	229.141
ibm	lotus_inotes	229.151
ibm	lotus_inotes	229.161
ibm	lotus_inotes	229.171
ibm	lotus_inotes	229.181
ibm	lotus_inotes	229.191
ibm	lotus_inotes	229.201
ibm	lotus_inotes	229.211
ibm	lotus_inotes	229.221
ibm	lotus_inotes	229.231
ibm	lotus_inotes	229.241
ibm	lotus_inotes	229.251
ibm	lotus_inotes	229.261
ibm	lotus_domino	8.0.2.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "220211F3-8AF4-419E-BB10-0E954F002DFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4854AD77-45A0-45AB-B9DA-77FFB7531C5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A823BB-48B7-4F84-A01A-754987FDBD00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B653AE06-0056-45AA-B321-391EE70532B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D5C812F-4B1E-42A1-A478-978DF925D22D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "723845C5-91E1-4BED-B41F-9E0A0DB629D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDDCE5E6-F37D-4D1B-B863-E8FE8ABA79E2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA92AB06-5510-4109-AE3A-75834E5F8A00",
              "versionEndIncluding": "229.271",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*",
              "matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*",
              "matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*",
              "matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*",
              "matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*",
              "matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE8C8052-8980-4265-929B-E27B6A914B4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6C0F89-47E6-4895-909D-6AF8DBFE2477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*",
              "matchCriteriaId": "590EBAF8-04A9-4DAD-9FCF-B1B38FF03374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*",
              "matchCriteriaId": "717F7305-98E1-403D-B08A-6FE1FD83D2C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CC9488A-F368-498E-8CDE-2ADC6AED470B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2F8C056-91A2-410B-942A-E108B93AD1E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*",
              "matchCriteriaId": "805C7074-679E-4F11-A055-8C52B4E26F5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*",
              "matchCriteriaId": "840A1975-0C5B-44F0-9F2E-1BBE02AA0484",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*",
              "matchCriteriaId": "33A29245-F9DA-4F77-91EE-21C1FA3CE784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*",
              "matchCriteriaId": "B55ED49B-092B-411B-84AE-847770EE096B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*",
              "matchCriteriaId": "483C2E2D-424C-453B-9D51-F53C6B32178B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*",
              "matchCriteriaId": "4348F385-9AE1-4F8C-9F22-BE50FCA3710B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en el control ActiveX Lotus Domino Web Access en IBM Lotus iNotes (alias Domino Web Access o DWA) 6.5, 7.0 en versiones anteriores a la 7.0.4, 8.0, 8.0.2 y en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento URL largo a un m\u00e9todo no especificado, alias PRAD7JTNHJ."
    }
  ],
  "id": "CVE-2010-0919",
  "lastModified": "2024-11-21T01:13:12.660",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-03-03T19:30:00.743",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38681"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38744"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38755"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1023662"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/62612"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/38457"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/38459"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0495"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0496"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38681"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023662"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/62612"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38457"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38459"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0496"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2009-09-08 22:30

Modified

2024-11-21 01:06

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/36626	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg27016745	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/36292
cve@mitre.org	http://www.vupen.com/english/advisories/2009/2557	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/53086
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36626	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg27016745	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36292
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/2557	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/53086

Impacted products

	Vendor	Product	Version
	ibm	domino_web_access	8.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:domino_web_access:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6608F6B-DA78-4CCF-8496-67EA0AB87D84",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS)IBM Lotus iNotes (conocido como Domino Web Access o DWA) anterior v211.241 para Domino v8.0.1 permite a atacantes remotos ejecutar c\u00f3digo web o HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados, como SPR EZEL7UURYC."
    }
  ],
  "id": "CVE-2009-3105",
  "lastModified": "2024-11-21T01:06:33.647",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-09-08T22:30:00.563",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36626"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27016745"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/36292"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2557"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53086"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36626"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27016745"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/36292"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2557"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53086"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2010-0919

Vulnerability from cvelistv5

Published

2010-03-03 19:00

Modified

2024-08-07 01:06

Severity ?

Summary

Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/56555	vdb-entry, x_refsource_XF
	http://www.osvdb.org/62612	vdb-entry, x_refsource_OSVDB
	http://securitytracker.com/id?1023662	vdb-entry, x_refsource_SECTRACK
	http://www-01.ibm.com/support/docview.wss?uid=swg21421808	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/0496	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/38459	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/38755	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/38744	third-party-advisory, x_refsource_SECUNIA
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857	third-party-advisory, x_refsource_IDEFENSE
	http://www-01.ibm.com/support/docview.wss?uid=swg27018109	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/38457	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/38681	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/0495	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T01:06:52.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "inotes-activex-bo(56555)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
          },
          {
            "name": "62612",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/62612"
          },
          {
            "name": "1023662",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023662"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
          },
          {
            "name": "ADV-2010-0496",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0496"
          },
          {
            "name": "38459",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38459"
          },
          {
            "name": "38755",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38755"
          },
          {
            "name": "38744",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38744"
          },
          {
            "name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
          },
          {
            "name": "38457",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38457"
          },
          {
            "name": "38681",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38681"
          },
          {
            "name": "ADV-2010-0495",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0495"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "inotes-activex-bo(56555)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
        },
        {
          "name": "62612",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/62612"
        },
        {
          "name": "1023662",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023662"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
        },
        {
          "name": "ADV-2010-0496",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0496"
        },
        {
          "name": "38459",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38459"
        },
        {
          "name": "38755",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38755"
        },
        {
          "name": "38744",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38744"
        },
        {
          "name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
        },
        {
          "name": "38457",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38457"
        },
        {
          "name": "38681",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38681"
        },
        {
          "name": "ADV-2010-0495",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0495"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0919",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "inotes-activex-bo(56555)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"
            },
            {
              "name": "62612",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/62612"
            },
            {
              "name": "1023662",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023662"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"
            },
            {
              "name": "ADV-2010-0496",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0496"
            },
            {
              "name": "38459",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38459"
            },
            {
              "name": "38755",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38755"
            },
            {
              "name": "38744",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38744"
            },
            {
              "name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"
            },
            {
              "name": "38457",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38457"
            },
            {
              "name": "38681",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38681"
            },
            {
              "name": "ADV-2010-0495",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0495"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0919",
    "datePublished": "2010-03-03T19:00:00",
    "dateReserved": "2010-03-03T00:00:00",
    "dateUpdated": "2024-08-07T01:06:52.455Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-3105

Vulnerability from cvelistv5

Published

2009-09-08 22:00

Modified

2024-08-07 06:14

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/36292	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/36626	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2009/2557	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/53086	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg27016745	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:14:56.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "36292",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36292"
          },
          {
            "name": "36626",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36626"
          },
          {
            "name": "ADV-2009-2557",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/2557"
          },
          {
            "name": "domino-unspecified-xss(53086)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53086"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27016745"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-09-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "36292",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36292"
        },
        {
          "name": "36626",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36626"
        },
        {
          "name": "ADV-2009-2557",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/2557"
        },
        {
          "name": "domino-unspecified-xss(53086)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53086"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27016745"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3105",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 211.241 for Domino 8.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR EZEL7UURYC."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "36292",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36292"
            },
            {
              "name": "36626",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36626"
            },
            {
              "name": "ADV-2009-2557",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/2557"
            },
            {
              "name": "domino-unspecified-xss(53086)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53086"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27016745",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27016745"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3105",
    "datePublished": "2009-09-08T22:00:00",
    "dateReserved": "2009-09-08T00:00:00",
    "dateUpdated": "2024-08-07T06:14:56.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4474

Vulnerability from cvelistv5

Published

2007-12-27 22:00

Modified

2024-08-07 14:53

Severity ?

Summary

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.

References

▼	URL	Tags
	http://www.securitytracker.com/id?1019138	vdb-entry, x_refsource_SECTRACK
	https://www.exploit-db.com/exploits/5111	exploit, x_refsource_EXPLOIT-DB
	http://www.securityfocus.com/bid/26972	vdb-entry, x_refsource_BID
	http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059233.html	mailing-list, x_refsource_FULLDISC
	https://exchange.xforce.ibmcloud.com/vulnerabilities/39175	vdb-entry, x_refsource_XF
	https://www.exploit-db.com/exploits/4820	exploit, x_refsource_EXPLOIT-DB
	http://www.kb.cert.org/vuls/id/963889	third-party-advisory, x_refsource_CERT-VN
	http://www.vupen.com/english/advisories/2007/4296	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/28184	third-party-advisory, x_refsource_SECUNIA
	https://www.exploit-db.com/exploits/4818	exploit, x_refsource_EXPLOIT-DB
	http://osvdb.org/40954	vdb-entry, x_refsource_OSVDB

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:53:55.977Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1019138",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019138"
          },
          {
            "name": "5111",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/5111"
          },
          {
            "name": "26972",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26972"
          },
          {
            "name": "20071220 IBM Domino Web Access Upload Control dwa7w.dll Memory Corruption",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059233.html"
          },
          {
            "name": "domino-dwa7w-bo(39175)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39175"
          },
          {
            "name": "4820",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/4820"
          },
          {
            "name": "VU#963889",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/963889"
          },
          {
            "name": "ADV-2007-4296",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4296"
          },
          {
            "name": "28184",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28184"
          },
          {
            "name": "4818",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/4818"
          },
          {
            "name": "40954",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/40954"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-12-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1019138",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019138"
        },
        {
          "name": "5111",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/5111"
        },
        {
          "name": "26972",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26972"
        },
        {
          "name": "20071220 IBM Domino Web Access Upload Control dwa7w.dll Memory Corruption",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059233.html"
        },
        {
          "name": "domino-dwa7w-bo(39175)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39175"
        },
        {
          "name": "4820",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/4820"
        },
        {
          "name": "VU#963889",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/963889"
        },
        {
          "name": "ADV-2007-4296",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4296"
        },
        {
          "name": "28184",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28184"
        },
        {
          "name": "4818",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/4818"
        },
        {
          "name": "40954",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/40954"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2007-4474",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1019138",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019138"
            },
            {
              "name": "5111",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/5111"
            },
            {
              "name": "26972",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26972"
            },
            {
              "name": "20071220 IBM Domino Web Access Upload Control dwa7w.dll Memory Corruption",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059233.html"
            },
            {
              "name": "domino-dwa7w-bo(39175)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39175"
            },
            {
              "name": "4820",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/4820"
            },
            {
              "name": "VU#963889",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/963889"
            },
            {
              "name": "ADV-2007-4296",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4296"
            },
            {
              "name": "28184",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28184"
            },
            {
              "name": "4818",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/4818"
            },
            {
              "name": "40954",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/40954"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2007-4474",
    "datePublished": "2007-12-27T22:00:00",
    "dateReserved": "2007-08-22T00:00:00",
    "dateUpdated": "2024-08-07T14:53:55.977Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-0276

Vulnerability from cvelistv5

Published

2010-01-09 18:00

Modified

2024-08-07 00:45

Severity ?

Summary

IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the "Try Lotus iNotes anyway" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU.

References

▼	URL	Tags
	http://secunia.com/advisories/38026	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/55473	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2010/0077	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/37675	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg27017776	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:45:11.421Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38026",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38026"
          },
          {
            "name": "domino-trylotus-unspecified(55473)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473"
          },
          {
            "name": "ADV-2010-0077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0077"
          },
          {
            "name": "37675",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/37675"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the \"Try Lotus iNotes anyway\" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "38026",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38026"
        },
        {
          "name": "domino-trylotus-unspecified(55473)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473"
        },
        {
          "name": "ADV-2010-0077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0077"
        },
        {
          "name": "37675",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/37675"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0276",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the \"Try Lotus iNotes anyway\" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "38026",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38026"
            },
            {
              "name": "domino-trylotus-unspecified(55473)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473"
            },
            {
              "name": "ADV-2010-0077",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0077"
            },
            {
              "name": "37675",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/37675"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0276",
    "datePublished": "2010-01-09T18:00:00",
    "dateReserved": "2010-01-09T00:00:00",
    "dateUpdated": "2024-08-07T00:45:11.421Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

All the vulnerabilites related to ibm - domino_web_access

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

cve-2010-0919

Vulnerability from cvelistv5

cve-2009-3105

Vulnerability from cvelistv5

cve-2007-4474

Vulnerability from cvelistv5

cve-2010-0276

Vulnerability from cvelistv5