CVE-2007-4474

IBM Lotus Domino - Buffer Overflow

Title source: llm

Description

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.

Exploits (5)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16502
exploitdb WORKING POC VERIFIED
by Elazar · htmlremotewindows
https://www.exploit-db.com/exploits/5111
exploitdb WORKING POC VERIFIED
by Elazar · htmlremotewindows
https://www.exploit-db.com/exploits/4820
exploitdb WORKING POC VERIFIED
by Elazar · htmlremotewindows
https://www.exploit-db.com/exploits/4818
metasploit WORKING POC NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/ibmlotusdomino_dwa_uploadmodule.rb

References (11)

Scores

EPSS 0.8730
EPSS Percentile 99.5%

Details

CWE
CWE-119
Status published
Products (17)
ibm/domino_web_access 6.0
ibm/domino_web_access 6.0.1
ibm/domino_web_access 6.0.1.1
ibm/domino_web_access 6.0.2
ibm/domino_web_access 6.0.3
ibm/domino_web_access 6.0.4
ibm/domino_web_access 6.0.5
ibm/domino_web_access 6.5
ibm/domino_web_access 6.5.1
ibm/domino_web_access 6.5.2
... and 7 more
Published Dec 27, 2007
Tracked Since Feb 18, 2026