CVE-2010-0919

{"id": "CVE-2010-0919", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-03-03T19:30:00.743", "references": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/38681", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/38744", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/38755", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1023662", "source": "cve@mitre.org"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/62612", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/38457", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/38459", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/0495", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/0496", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555", "source": "cve@mitre.org"}, {"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/38681", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/38744", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/38755", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1023662", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/62612", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/38457", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/38459", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2010/0495", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2010/0496", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el control ActiveX Lotus Domino Web Access en IBM Lotus iNotes (alias Domino Web Access o DWA) 6.5, 7.0 en versiones anteriores a la 7.0.4, 8.0, 8.0.2 y en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento URL largo a un m\u00e9todo no especificado, alias PRAD7JTNHJ."}], "lastModified": "2024-11-21T01:13:12.660", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "220211F3-8AF4-419E-BB10-0E954F002DFF"}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4854AD77-45A0-45AB-B9DA-77FFB7531C5A"}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86A823BB-48B7-4F84-A01A-754987FDBD00"}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B653AE06-0056-45AA-B321-391EE70532B9"}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D5C812F-4B1E-42A1-A478-978DF925D22D"}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "723845C5-91E1-4BED-B41F-9E0A0DB629D0"}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:8.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DDDCE5E6-F37D-4D1B-B863-E8FE8ABA79E2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA92AB06-5510-4109-AE3A-75834E5F8A00", "versionEndIncluding": "229.271"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE8C8052-8980-4265-929B-E27B6A914B4F"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D6C0F89-47E6-4895-909D-6AF8DBFE2477"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "590EBAF8-04A9-4DAD-9FCF-B1B38FF03374"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "717F7305-98E1-403D-B08A-6FE1FD83D2C0"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CC9488A-F368-498E-8CDE-2ADC6AED470B"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2F8C056-91A2-410B-942A-E108B93AD1E7"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "805C7074-679E-4F11-A055-8C52B4E26F5F"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "840A1975-0C5B-44F0-9F2E-1BBE02AA0484"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33A29245-F9DA-4F77-91EE-21C1FA3CE784"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B55ED49B-092B-411B-84AE-847770EE096B"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "483C2E2D-424C-453B-9D51-F53C6B32178B"}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4348F385-9AE1-4F8C-9F22-BE50FCA3710B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}