CVE-2010-0919

Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.

CVSS v2.0 7.6 HIGH

7.6^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 4.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=swg21421808	Vendor Advisory
http://www.securityfocus.com/bid/38457
http://www.osvdb.org/62612
http://secunia.com/advisories/38681	Vendor Advisory
http://www.vupen.com/english/advisories/2010/0496	Patch Vendor Advisory
http://www.securityfocus.com/bid/38459
http://www.vupen.com/english/advisories/2010/0495	Vendor Advisory
http://secunia.com/advisories/38755	Vendor Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857
http://securitytracker.com/id?1023662
http://www-01.ibm.com/support/docview.wss?uid=swg27018109	Vendor Advisory
http://secunia.com/advisories/38744	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/56555

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:domino_web_access:8.0.2:::::::*
	cpe:2.3:a:ibm:domino_web_access:7.0.3:::::::*
	cpe:2.3:a:ibm:domino_web_access:8.0:::::::*
	cpe:2.3:a:ibm:domino_web_access:6.5:::::::*
	cpe:2.3:a:ibm:domino_web_access:7.0:::::::*
	cpe:2.3:a:ibm:domino_web_access:7.0.1:::::::*
	cpe:2.3:a:ibm:domino_web_access:7.0.2:::::::*

Configuration 2 (hide)

AND

OR	cpe:2.3:a:ibm:lotus_inotes:229.201:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.191:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.111:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.101:::::::*
	cpe:2.3:a:ibm:lotus_inotes::::::::
	cpe:2.3:a:ibm:lotus_inotes:229.221:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.211:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.141:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.131:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.021:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.011:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.161:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.261:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.231:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.061:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.251:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.181:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.241:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.151:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.051:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.041:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.031:::::::*
	cpe:2.3:a:ibm:lotus_inotes:229.171:::::::*

cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*

Information

Published : 2010-03-03 11:30

Updated : 2017-08-16 18:32

NVD link : CVE-2010-0919

Mitre link : CVE-2010-0919

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

ibm

lotus_domino
domino_web_access
lotus_inotes

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/38457", "name": "38457", "tags": [], "refsource": "BID"}, {"url": "http://www.osvdb.org/62612", "name": "62612", "tags": [], "refsource": "OSVDB"}, {"url": "http://secunia.com/advisories/38681", "name": "38681", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2010/0496", "name": "ADV-2010-0496", "tags": ["Patch", "Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.securityfocus.com/bid/38459", "name": "38459", "tags": [], "refsource": "BID"}, {"url": "http://www.vupen.com/english/advisories/2010/0495", "name": "ADV-2010-0495", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://secunia.com/advisories/38755", "name": "38755", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857", "name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability", "tags": [], "refsource": "IDEFENSE"}, {"url": "http://securitytracker.com/id?1023662", "name": "1023662", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/38744", "name": "38744", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555", "name": "inotes-activex-bo(56555)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-0919", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2010-03-03T19:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:ibm:domino_web_access:8.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:domino_web_access:7.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:domino_web_access:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:domino_web_access:7.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "229.271"}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-17T01:32Z"}

7.6 /10