CVE-2006-3778
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
IBM Lotus Notes 6.0, 6.5, and 7.0 does not properly handle replies to e-mail messages with alternate name users when the (1) "Save As Draft" option is used or (2) a "," (comma) is inside the "phrase" portion of an address, which can cause the e-mail to be sent to users that were deleted from the To, CC, and BCC fields, which allows remote attackers to obtain the list of original recipients.
IBM Lotus Notes 6.0, 6.5, y 7.0 no maneja adecuadamente las respuestas a mensajes de correo con nombres de usuario alternativo cuando la opción(1) "Guardar como borrador" es utilizada o (2) una "," (coma) está dentro de la porción de una dirección, la cual podría hacer que el email sea envíado a usuarios que fueron borrados desde los campos To, CC y BBC, lo cual permite a un atacante remotos obtener una lista de receptores originales.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2006-07-21 CVE Reserved
- 2006-07-21 CVE Published
- 2023-05-25 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://securitytracker.com/id?1016516 | Vdb Entry | |
http://securitytracker.com/id?1016819 | Vdb Entry | |
http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21243602 | X_refsource_confirm |
URL | Date | SRC |
---|---|---|
http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21240386 | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/21096 | 2008-09-05 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.0 Search vendor "Ibm" for product "Lotus Notes" and version "6.0" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 6.5 Search vendor "Ibm" for product "Lotus Notes" and version "6.5" | - |
Affected
| ||||||
Ibm Search vendor "Ibm" | Lotus Notes Search vendor "Ibm" for product "Lotus Notes" | 7.0 Search vendor "Ibm" for product "Lotus Notes" and version "7.0" | - |
Affected
|