CVE-2010-0276

IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the "Try Lotus iNotes anyway" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/38026	Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg27017776
http://www.securityfocus.com/bid/37675
http://www.vupen.com/english/advisories/2010/0077	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/55473
http://secunia.com/advisories/38026	Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg27017776
http://www.securityfocus.com/bid/37675
http://www.vupen.com/english/advisories/2010/0077	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/55473

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:ibm:domino_web_access::::::::
	cpe:2.3:a:ibm:lotus_inotes::::::::

cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*

History

21 Nov 2024, 01:11

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/38026 - Vendor Advisory~~	() http://secunia.com/advisories/38026 - Vendor Advisory
References	~~() http://www-01.ibm.com/support/docview.wss?uid=swg27017776 -~~	() http://www-01.ibm.com/support/docview.wss?uid=swg27017776 -
References	~~() http://www.securityfocus.com/bid/37675 -~~	() http://www.securityfocus.com/bid/37675 -
References	~~() http://www.vupen.com/english/advisories/2010/0077 - Vendor Advisory~~	() http://www.vupen.com/english/advisories/2010/0077 - Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/55473 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/55473 -

Information

Published : 2010-01-09 18:30

Updated : 2024-11-21 01:11

NVD link : CVE-2010-0276

Mitre link : CVE-2010-0276

CVE.ORG link : CVE-2010-0276

JSON object : View

Products Affected

ibm

lotus_domino
domino_web_access
lotus_inotes

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-0276", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": true, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-01-09T18:30:01.947", "references": [{"url": "http://secunia.com/advisories/38026", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/37675", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/0077", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/38026", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27017776", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/37675", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2010/0077", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55473", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle navigation of the \"Try Lotus iNotes anyway\" link from the page that reports use of an unsupported browser, which has unspecified impact and attack vectors, aka SPR LSHR7TBMQU."}, {"lang": "es", "value": "IBM Lotus iNotes (tambi\u00e9n conocido como Domino Web Access o DWA) anterior a v229.241 para Domino v8.0.2 FP3 no maneja adecuadamente la navegaci\u00f3n del \"Try Lotus iNotes anyway\" enlace desde la p\u00e1gina que informa del uso de un navegador no soportado, tiene u impacto y vectores de ataque sin especificar, tambi\u00e9n conocido como SPR LSHR7TBMQU."}], "lastModified": "2024-11-21T01:11:53.360", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:domino_web_access:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D53FB16-F441-48A4-A685-48257107EAC8"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52A641CD-F146-4732-8C4A-8DF6C230EE8F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}