CVE-2010-0919

IBM Lotus iNotes <7.0.4 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.

References (13)

Core 13
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/56555
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/62612
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1023662
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21421808
Patch, Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0496
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/38459
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38755
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38744
Third Party Advisory third-party-advisory x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg27018109
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/38457
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38681
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0495

Scores

EPSS 0.0573
EPSS Percentile 92.2%

Details

CWE
CWE-119
Status published
Products (30)
ibm/domino_web_access 6.5
ibm/domino_web_access 7.0
ibm/domino_web_access 7.0.1
ibm/domino_web_access 7.0.2
ibm/domino_web_access 7.0.3
ibm/domino_web_access 8.0
ibm/domino_web_access 8.0.2
ibm/lotus_inotes 229.011
ibm/lotus_inotes 229.021
ibm/lotus_inotes 229.031
... and 20 more
Published Mar 03, 2010
Tracked Since Feb 18, 2026