CVE-2008-1217

IBM Lotus Notes 6.5, 7.0.x-7.0.2 CCH, 8.0.x-8.0.1 - Remote Code Execution via Crafted Email Attachment

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www-1.ibm.com/support/docview.wss?uid=swg21271957
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1019464

Scores

EPSS 0.0292
EPSS Percentile 85.3%

Details

CWE
CWE-94
Status published
Products (3)
ibm/lotus_notes 6.5
ibm/lotus_notes 7.0.2
ibm/lotus_notes 8.0.0
Published Mar 09, 2008
Tracked Since Feb 18, 2026