Lucene search

IbmCVE-2013-6748

HistoryJan 29, 2014 - 5:37 a.m.

CVE-2013-6748

2014-01-2905:37:02

CWE-119

ibm

web.nvd.nist.gov

cve-2013-6748

buffer overflow

activex control

qp2.cab

ibm lotus quickr

domino 8.5.1

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.202

Percentile

96.4%

JSON

Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6749.

Affected configurations

Nvd

Node

ibmlotus_quickr_for_dominoMatch8.5.1

VendorProductVersionCPE
ibmlotus_quickr_for_domino8.5.1cpe:2.3:a:ibm:lotus_quickr_for_domino:8.5.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_quickr_for_domino	8.5.1	cpe:2.3:a:ibm:lotus_quickr_for_domino:8.5.1:::::::*

References

osvdb.org/102597

secunia.com/advisories/56696

www.ibm.com/support/docview.wss?uid=swg21662653

www.securityfocus.com/bid/65191

exchange.xforce.ibmcloud.com/vulnerabilities/89864

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.202

Percentile

96.4%

JSON

Related for CVE-2013-6748