mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
318 lines
11 KiB
JSON
318 lines
11 KiB
JSON
{
|
|
"id": "CVE-2010-0919",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2010-03-03T19:30:00.743",
|
|
"lastModified": "2017-08-17T01:32:10.040",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Desbordamiento de b\u00fafer basado en pila en el control ActiveX Lotus Domino Web Access en IBM Lotus iNotes (alias Domino Web Access o DWA) 6.5, 7.0 en versiones anteriores a la 7.0.4, 8.0, 8.0.2 y en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento URL largo a un m\u00e9todo no especificado, alias PRAD7JTNHJ."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "HIGH",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 7.6
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 4.9,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "220211F3-8AF4-419E-BB10-0E954F002DFF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4854AD77-45A0-45AB-B9DA-77FFB7531C5A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "86A823BB-48B7-4F84-A01A-754987FDBD00"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B653AE06-0056-45AA-B321-391EE70532B9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4D5C812F-4B1E-42A1-A478-978DF925D22D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:domino_web_access:8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "723845C5-91E1-4BED-B41F-9E0A0DB629D0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:domino_web_access:8.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DDDCE5E6-F37D-4D1B-B863-E8FE8ABA79E2"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "229.271",
|
|
"matchCriteriaId": "DA92AB06-5510-4109-AE3A-75834E5F8A00"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CE8C8052-8980-4265-929B-E27B6A914B4F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2D6C0F89-47E6-4895-909D-6AF8DBFE2477"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "590EBAF8-04A9-4DAD-9FCF-B1B38FF03374"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "717F7305-98E1-403D-B08A-6FE1FD83D2C0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1CC9488A-F368-498E-8CDE-2ADC6AED470B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A2F8C056-91A2-410B-942A-E108B93AD1E7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "805C7074-679E-4F11-A055-8C52B4E26F5F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "840A1975-0C5B-44F0-9F2E-1BBE02AA0484"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "33A29245-F9DA-4F77-91EE-21C1FA3CE784"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B55ED49B-092B-411B-84AE-847770EE096B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "483C2E2D-424C-453B-9D51-F53C6B32178B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4348F385-9AE1-4F8C-9F22-BE50FCA3710B"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/38681",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/38744",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/38755",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://securitytracker.com/id?1023662",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.osvdb.org/62612",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/38457",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/38459",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2010/0495",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2010/0496",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |