8.8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.049 Low
EPSS
Percentile
92.8%
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
CPE | Name | Operator | Version |
---|---|---|---|
ibm:lotus_domino_web_server | ibm lotus domino web server | eq | 6.0 |
ibm:lotus_notes_client | ibm lotus notes client | eq | 6.0 |
archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html
marc.info/?l=bugtraq&m=104550124032513&w=2
marc.info/?l=bugtraq&m=104550335103136&w=2
marc.info/?l=ntbugtraq&m=104558778131373&w=2
marc.info/?l=ntbugtraq&m=104558778331387&w=2
www-1.ibm.com/support/docview.wss?uid=swg21104543
www.cert.org/advisories/CA-2003-11.html
www.ciac.org/ciac/bulletins/n-065.shtml
www.kb.cert.org/vuls/id/571297
www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt
www.securityfocus.com/bid/6872
exchange.xforce.ibmcloud.com/vulnerabilities/11339