CVE-2007-1675

2007-03-2821:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-1675

buffer overflow

cram-md5

authentication

imap server

ibm lotus domino

nvd

6.6 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.927 High

EPSS

Percentile

99.0%

JSON

Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service via a long username.

CPENameOperatorVersion
ibm:lotus_dominoibm lotus dominoeq6.5.4
ibm:lotus_dominoibm lotus dominoeq6.5.2
ibm:lotus_dominoibm lotus dominoeq6.5.1
ibm:lotus_dominoibm lotus dominoeq7.0
ibm:lotus_dominoibm lotus dominoeq6.5.0
ibm:lotus_dominoibm lotus dominoeq6.5.5
ibm:lotus_dominoibm lotus dominoeq6.5.3
ibm:lotus_dominoibm lotus dominoeq7.0.2
ibm:lotus_dominoibm lotus dominoeq7.0.1

CPE	Name	Operator	Version
ibm:lotus_domino	ibm lotus domino	eq	6.5.4
ibm:lotus_domino	ibm lotus domino	eq	6.5.2
ibm:lotus_domino	ibm lotus domino	eq	6.5.1
ibm:lotus_domino	ibm lotus domino	eq	7.0
ibm:lotus_domino	ibm lotus domino	eq	6.5.0
ibm:lotus_domino	ibm lotus domino	eq	6.5.5
ibm:lotus_domino	ibm lotus domino	eq	6.5.3
ibm:lotus_domino	ibm lotus domino	eq	7.0.2
ibm:lotus_domino	ibm lotus domino	eq	7.0.1