Lucene search

[email protected]CVE-2010-0275

HistoryJan 09, 2010 - 6:30 p.m.

CVE-2010-0275

2010-01-0918:30:01

[email protected]

web.nvd.nist.gov

ibm

lotus

inotes

ultra-light mode

cve-2010-0275

domino

web access

dwa

nvd

security

vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.003

Percentile

69.6%

JSON

Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58.

Affected configurations

NVD

Node

ibmlotus_inotesRange≤229.231

ibmlotus_inotesMatch229.011

ibmlotus_inotesMatch229.021

ibmlotus_inotesMatch229.031

ibmlotus_inotesMatch229.041

ibmlotus_inotesMatch229.051

ibmlotus_inotesMatch229.061

ibmlotus_inotesMatch229.101

ibmlotus_inotesMatch229.111

ibmlotus_inotesMatch229.131

ibmlotus_inotesMatch229.141

ibmlotus_inotesMatch229.151

ibmlotus_inotesMatch229.161

ibmlotus_inotesMatch229.171

ibmlotus_inotesMatch229.181

ibmlotus_inotesMatch229.191

ibmlotus_inotesMatch229.201

ibmlotus_inotesMatch229.211

ibmlotus_inotesMatch229.221

AND

ibmlotus_dominoMatch8.0.2.3

VendorProductVersionCPE
ibmlotus_inotes229.111cpe:/a:ibm:lotus_inotes:229.111:::
ibmlotus_inotes229.221cpe:/a:ibm:lotus_inotes:229.221:::
ibmlotus_inotes229.041cpe:/a:ibm:lotus_inotes:229.041:::
ibmlotus_inotes229.191cpe:/a:ibm:lotus_inotes:229.191:::
ibmlotus_inotes229.141cpe:/a:ibm:lotus_inotes:229.141:::
ibmlotus_inotes229.211cpe:/a:ibm:lotus_inotes:229.211:::
ibmlotus_inotes229.201cpe:/a:ibm:lotus_inotes:229.201:::
ibmlotus_inotes229.031cpe:/a:ibm:lotus_inotes:229.031:::
ibmlotus_inotes229.181cpe:/a:ibm:lotus_inotes:229.181:::
ibmlotus_inotes229.061cpe:/a:ibm:lotus_inotes:229.061:::

Vendor	Product	Version	CPE
ibm	lotus_inotes	229.111	cpe:/a:ibm:lotus_inotes:229.111:::
ibm	lotus_inotes	229.221	cpe:/a:ibm:lotus_inotes:229.221:::
ibm	lotus_inotes	229.041	cpe:/a:ibm:lotus_inotes:229.041:::
ibm	lotus_inotes	229.191	cpe:/a:ibm:lotus_inotes:229.191:::
ibm	lotus_inotes	229.141	cpe:/a:ibm:lotus_inotes:229.141:::
ibm	lotus_inotes	229.211	cpe:/a:ibm:lotus_inotes:229.211:::
ibm	lotus_inotes	229.201	cpe:/a:ibm:lotus_inotes:229.201:::
ibm	lotus_inotes	229.031	cpe:/a:ibm:lotus_inotes:229.031:::
ibm	lotus_inotes	229.181	cpe:/a:ibm:lotus_inotes:229.181:::
ibm	lotus_inotes	229.061	cpe:/a:ibm:lotus_inotes:229.061:::

Rows per page:

1-10 of 191

References

secunia.com/advisories/38026

www-01.ibm.com/support/docview.wss?uid=swg27017776

www.securityfocus.com/bid/37675

www.vupen.com/english/advisories/2010/0077

exchange.xforce.ibmcloud.com/vulnerabilities/55471

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.003

Percentile

69.6%

JSON

Related for CVE-2010-0275

nvd1 prion1 cvelist1