Lucene search

[email protected]CVE-2009-3038

HistorySep 01, 2009 - 4:30 p.m.

CVE-2009-3038

2009-09-0116:30:00

[email protected]

web.nvd.nist.gov

cve-2009-3038

activex control

lnresobject.dll

rim

lotus notes connector

blackberry desktop manager

denial of service

internet explorer

crash

vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.7%

JSON

A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research In Motion (RIM) Lotus Notes connector for BlackBerry Desktop Manager 5.0.0.11 allows remote attackers to cause a denial of service (Internet Explorer crash) by referencing the control’s CLSID in the classid attribute of an OBJECT element.

Affected configurations

NVD

Node

ibmlotus_notes_connectorblackberry_desktop_manager_5.0.0.11

AND

rimblackberry_desktop_managerMatch5.0.0.11

CPENameOperatorVersion
ibm:lotus_notes_connectoribm lotus notes connectoreq*

CPE	Name	Operator	Version
ibm:lotus_notes_connector	ibm lotus notes connector	eq	*

References

www.exploit-db.com/exploits/9517

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.7%

JSON

Related for CVE-2009-3038

prion1 nvd1 cvelist1 checkpoint_advisories1