Lucene search

K
cvelistHCLCVELIST:CVE-2022-44751
HistoryDec 17, 2022 - 1:48 a.m.

CVE-2022-44751 HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView

2022-12-1701:48:38
HCL
www.cve.org
1
hcl notes
stack buffer overflow
lasr.dll
micro focus keyview
remote unauthenticated attacker
crash
execute arbitrary code
lotus ami pro file
ibm

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

40.4%

HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44755. Β This vulnerability applies to software previously licensed by IBM.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Notes",
    "vendor": "HCL Software",
    "versions": [
      {
        "status": "affected",
        "version": "9, 10"
      }
    ]
  }
]

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

40.4%

Related for CVELIST:CVE-2022-44751