CVE-2007-4474
IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Remote Buffer Overflow
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
6
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.
Múltiples desbordamientos de búfer basado en pila en el control ActiveX IBM Lotus Domino Web Access, proporcionado en inotes6.dll, inotes62.dll, dwa7.dll, y dwa7w.dll, en Domino 6.x y 7.x permiten a atacantes remotos ejecutar código de su elección, como se ha demostrado mediante un desbordamiento con un valor largo de la propiedad General_ServerName cuando se llama a la función InstallBrowserHelperDll del módulo Upload en el control dwa7.dwa7.1 de dwa7w.dll 7.0.34.1.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-08-22 CVE Reserved
- 2007-12-27 CVE Published
- 2010-09-20 First Exploit
- 2024-08-07 CVE Updated
- 2024-10-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/40954 | Vdb Entry | |
| http://www.kb.cert.org/vuls/id/963889 | Third Party Advisory |
|
| http://www.securitytracker.com/id?1019138 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/4296 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39175 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/4818 | 2024-08-07 | |
| https://www.exploit-db.com/exploits/4820 | 2024-08-07 | |
| https://www.exploit-db.com/exploits/5111 | 2024-08-07 | |
| https://www.exploit-db.com/exploits/16502 | 2010-09-20 | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059233.html | 2024-08-07 | |
| http://www.securityfocus.com/bid/26972 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/28184 | 2017-09-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.0 Search vendor "Ibm" for product "Domino Web Access" and version "6.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.0.1 Search vendor "Ibm" for product "Domino Web Access" and version "6.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.0.1.1 Search vendor "Ibm" for product "Domino Web Access" and version "6.0.1.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.0.2 Search vendor "Ibm" for product "Domino Web Access" and version "6.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.0.3 Search vendor "Ibm" for product "Domino Web Access" and version "6.0.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.0.4 Search vendor "Ibm" for product "Domino Web Access" and version "6.0.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.0.5 Search vendor "Ibm" for product "Domino Web Access" and version "6.0.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.5 Search vendor "Ibm" for product "Domino Web Access" and version "6.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.5.1 Search vendor "Ibm" for product "Domino Web Access" and version "6.5.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.5.2 Search vendor "Ibm" for product "Domino Web Access" and version "6.5.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.5.3 Search vendor "Ibm" for product "Domino Web Access" and version "6.5.3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.5.4 Search vendor "Ibm" for product "Domino Web Access" and version "6.5.4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 6.5.5 Search vendor "Ibm" for product "Domino Web Access" and version "6.5.5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 7.0 Search vendor "Ibm" for product "Domino Web Access" and version "7.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Domino Web Access Search vendor "Ibm" for product "Domino Web Access" | 7.0.1 Search vendor "Ibm" for product "Domino Web Access" and version "7.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Web Access Search vendor "Ibm" for product "Lotus Domino Web Access" | 7.0.1 Search vendor "Ibm" for product "Lotus Domino Web Access" and version "7.0.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Lotus Domino Web Access Search vendor "Ibm" for product "Lotus Domino Web Access" | 7.0.34.1 Search vendor "Ibm" for product "Lotus Domino Web Access" and version "7.0.34.1" | - |
Affected
| ||||||