CVE-2008-2499
IBM Lotus Sametime < 7.5 - Memory Corruption
Title source: ruleDescription
Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16696
exploitdb
WORKING POC
VERIFIED
by Manuel Santamarina Suarez · perlremoteunix
https://www.exploit-db.com/exploits/31820
metasploit
WORKING POC
NORMAL
by aushack · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/lotus/domino_sametime_stmux.rb
References (7)
Scores
EPSS
0.8089
EPSS Percentile
99.2%
Details
CWE
CWE-119
Status
published
Products (2)
ibm/lotus_sametime
7.5.1 cf1
ibm/lotus_sametime
< 7.5
Published
May 29, 2008
Tracked Since
Feb 18, 2026