mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
105 lines
3.2 KiB
JSON
105 lines
3.2 KiB
JSON
{
|
|
"id": "CVE-2007-1784",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2007-03-31T01:19:00.000",
|
|
"lastModified": "2017-07-29T01:30:59.237",
|
|
"vulnStatus": "Modified",
|
|
"evaluatorSolution": "This vulnerability is addressed in the following product advisory: \r\nhttp://www-1.ibm.com/support/docview.wss?uid=swg21257029",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "El control ActiveX JNILoader (STJNILoader.ocx) 3.1.0.26 en IBM Lotus Notes Sametime anterior a 7.5 permite a atacantes remotos cargar librerias DLL de su elecci\u00f3n y ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de argumentos de su elecci\u00f3n en la funci\u00f3n loadLibrary."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 9.3
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": true,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_sametime:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "7.0",
|
|
"matchCriteriaId": "4EC83731-C73B-4891-8EBF-743938F841B2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:lotus_sametime:7.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8C5FF0F3-D0E6-4933-8826-50C5584D0615"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=495",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257029",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/23201",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id?1017828",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33314",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |