CVE-2010-3407 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 98%

Affected Products (NVD)

Vendor	Product	Version
ibm	lotus_domino	8.0
ibm	lotus_domino	8.0.1
ibm	lotus_domino	8.0.2
ibm	lotus_domino	8.0.2.1
ibm	lotus_domino	8.0.2.2
ibm	lotus_domino	8.0.2.3
ibm	lotus_domino	8.0.2.4
ibm	lotus_domino	8.5.0
ibm	lotus_domino	8.5.0.1
ibm	lotus_domino	8.5.1
ibm	lotus_domino	8.5.1.1

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://labs.mwrinfosecurity.com/advisories/lotus_domino_ical_stack_buffer_overflow/

http://labs.mwrinfosecurity.com/files/Advisories/mwri_lotus-domino-ical-stack-overflow_2010-09-14.pdf

http://secunia.com/advisories/41433

http://securitytracker.com/id?1024448

http://www-01.ibm.com/support/docview.wss?uid=swg21446515

http://www-10.lotus.com/ldd/r5fixlist.nsf/8d1c0550e6242b69852570c900549a74/52f9218288b51dcb852576c600741f72?OpenDocument

http://www-10.lotus.com/ldd/r5fixlist.nsf/8d1c0550e6242b69852570c900549a74/613a204806e3f211852576e2006afa3d?OpenDocument

http://www-10.lotus.com/ldd/r5fixlist.nsf/8d1c0550e6242b69852570c900549a74/af36678d60bd74288525778400534d7c?OpenDocument

http://www.exploit-db.com/exploits/15005

http://www.securityfocus.com/archive/1/513706/100/0/threaded

http://www.securityfocus.com/bid/43219

http://www.vupen.com/english/advisories/2010/2381

http://www.zerodayinitiative.com/advisories/ZDI-10-177/

https://exchange.xforce.ibmcloud.com/vulnerabilities/61790

http://labs.mwrinfosecurity.com/advisories/lotus_domino_ical_stack_buffer_overflow/

http://labs.mwrinfosecurity.com/files/Advisories/mwri_lotus-domino-ical-stack-overflow_2010-09-14.pdf

http://secunia.com/advisories/41433

http://securitytracker.com/id?1024448

http://www-01.ibm.com/support/docview.wss?uid=swg21446515

http://www-10.lotus.com/ldd/r5fixlist.nsf/8d1c0550e6242b69852570c900549a74/52f9218288b51dcb852576c600741f72?OpenDocument

http://www-10.lotus.com/ldd/r5fixlist.nsf/8d1c0550e6242b69852570c900549a74/613a204806e3f211852576e2006afa3d?OpenDocument

http://www-10.lotus.com/ldd/r5fixlist.nsf/8d1c0550e6242b69852570c900549a74/af36678d60bd74288525778400534d7c?OpenDocument

http://www.exploit-db.com/exploits/15005

http://www.securityfocus.com/archive/1/513706/100/0/threaded

http://www.securityfocus.com/bid/43219

http://www.vupen.com/english/advisories/2010/2381

http://www.zerodayinitiative.com/advisories/ZDI-10-177/

https://exchange.xforce.ibmcloud.com/vulnerabilities/61790