CVE-2007-6706
IBM Lotus Notes < 7.0.2 - Remote Code Execution via Crafted SMTP Email
Title source: llmDescription
Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/40956
Various Sources x_refsource_confirm
http://www-1.ibm.com/support/docview.wss?uid=swg21271957
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1019464
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27279
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3597
Scores
EPSS
0.0347
EPSS Percentile
87.6%
Details
CWE
CWE-94
Status
published
Products (3)
ibm/lotus_notes
6.5
ibm/lotus_notes
8.0
ibm/lotus_notes
< 7.0.2
Published
Mar 09, 2008
Tracked Since
Feb 18, 2026