Lucene search

[email protected]NVD:CVE-2007-5700

HistoryOct 29, 2007 - 9:46 p.m.

CVE-2007-5700

2007-10-2921:46:00

[email protected]

web.nvd.nist.gov

CVSS2

6.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:C/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.002

Percentile

65.3%

JSON

The Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses an incorrect security context for @ formula commands in some circumstances, which might allow remote authenticated users to gain privileges and obtain sensitive information.

Affected configurations

Nvd

Node

ibmlotus_dominoMatch6.5.5

ibmlotus_dominoMatch6.5.5fp1

ibmlotus_dominoMatch6.5.5fp2

ibmlotus_dominoMatch6.5.5fp3

ibmlotus_dominoMatch6.5.6

ibmlotus_dominoMatch6.5.6fp1

ibmlotus_dominoMatch7.0

ibmlotus_dominoMatch7.0.2

ibmlotus_dominoMatch7.0.2fp1

ibmlotus_dominoMatch7.0.2fp2

VendorProductVersionCPE
ibmlotus_domino6.5.5cpe:2.3:a:ibm:lotus_domino:6.5.5:*:*:*:*:*:*:*
ibmlotus_domino6.5.5cpe:2.3:a:ibm:lotus_domino:6.5.5:*:fp1:*:*:*:*:*
ibmlotus_domino6.5.5cpe:2.3:a:ibm:lotus_domino:6.5.5:*:fp2:*:*:*:*:*
ibmlotus_domino6.5.5cpe:2.3:a:ibm:lotus_domino:6.5.5:*:fp3:*:*:*:*:*
ibmlotus_domino6.5.6cpe:2.3:a:ibm:lotus_domino:6.5.6:*:*:*:*:*:*:*
ibmlotus_domino6.5.6cpe:2.3:a:ibm:lotus_domino:6.5.6:*:fp1:*:*:*:*:*
ibmlotus_domino7.0cpe:2.3:a:ibm:lotus_domino:7.0:*:*:*:*:*:*:*
ibmlotus_domino7.0.2cpe:2.3:a:ibm:lotus_domino:7.0.2:*:*:*:*:*:*:*
ibmlotus_domino7.0.2cpe:2.3:a:ibm:lotus_domino:7.0.2:*:fp1:*:*:*:*:*
ibmlotus_domino7.0.2cpe:2.3:a:ibm:lotus_domino:7.0.2:*:fp2:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_domino	6.5.5	cpe:2.3:a:ibm:lotus_domino:6.5.5:::::::*
ibm	lotus_domino	6.5.5	cpe:2.3:a:ibm:lotus_domino:6.5.5::fp1:::::
ibm	lotus_domino	6.5.5	cpe:2.3:a:ibm:lotus_domino:6.5.5::fp2:::::
ibm	lotus_domino	6.5.5	cpe:2.3:a:ibm:lotus_domino:6.5.5::fp3:::::
ibm	lotus_domino	6.5.6	cpe:2.3:a:ibm:lotus_domino:6.5.6:::::::*
ibm	lotus_domino	6.5.6	cpe:2.3:a:ibm:lotus_domino:6.5.6::fp1:::::
ibm	lotus_domino	7.0	cpe:2.3:a:ibm:lotus_domino:7.0:::::::*
ibm	lotus_domino	7.0.2	cpe:2.3:a:ibm:lotus_domino:7.0.2:::::::*
ibm	lotus_domino	7.0.2	cpe:2.3:a:ibm:lotus_domino:7.0.2::fp1:::::
ibm	lotus_domino	7.0.2	cpe:2.3:a:ibm:lotus_domino:7.0.2::fp2:::::

References

osvdb.org/40951

secunia.com/advisories/27321

www-1.ibm.com/support/docview.wss?uid=swg21273266

www.securityfocus.com/bid/26176

www.vupen.com/english/advisories/2007/3598

exchange.xforce.ibmcloud.com/vulnerabilities/37369

CVSS2

6.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:C/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.002

Percentile

65.3%

JSON

Related for NVD:CVE-2007-5700

prion1 cvelist1 cve1