CVE-2008-1217

EUVD-2008-1226
Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
Affected Products (NVD)
VendorProductVersion
ibmlotus_notes
6.5
ibmlotus_notes
7.0.2
ibmlotus_notes
8.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://securitytracker.com/id?1019464
http://www-1.ibm.com/support/docview.wss?uid=swg21271957
http://securitytracker.com/id?1019464
http://www-1.ibm.com/support/docview.wss?uid=swg21271957