CVE-2022-44754
HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView.
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44750. This vulnerability applies to software previously licensed by IBM.
HCL Domino es susceptible a una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en lasr.dll en Micro Focus KeyView. Esto podría permitir que un atacante remoto no autenticado bloquee la aplicación o ejecute código arbitrario a través de un archivo Lotus Ami Pro manipulado. Esto es diferente de la vulnerabilidad descrita en CVE-2022-44750. A esta vulnerabilidad se aplica al software con licencia previa de IBM.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-11-04 CVE Reserved
- 2022-12-17 CVE Published
- 2024-07-24 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102151 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0 Search vendor "Hcltech" for product "Domino" and version "9.0" | - |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | - |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | - |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | feature_pack_10_interim_fix_3 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | feature_pack_10_interim_fix_4 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | feature_pack_10_interim_fix_5 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | feature_pack_8 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | feature_pack_8_interim_fix_1 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | feature_pack_8_interim_fix_2 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | feature_pack_8_interim_fix_3 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | fixpack_10 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | fixpack_3 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | fixpack_4 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | fixpack_5 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | fixpack_6 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | fixpack_7 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | fixpack_8 |
Affected
| ||||||
| Hcltech Search vendor "Hcltech" | Domino Search vendor "Hcltech" for product "Domino" | 9.0.1 Search vendor "Hcltech" for product "Domino" and version "9.0.1" | fixpack_9 |
Affected
| ||||||