Vulnerabilities > CVE-2007-5700 - Information Disclosure vulnerability and Buffer Overflow vulnerability in IBM Lotus Domino

CVSS 6.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

COMPLETE

Integrity impact

NONE

Availability impact

NONE

network

ibm

NVD

Published: 2007-10-29

Updated: 2017-07-29

Summary

The Evaluate LotusScript method in IBM Lotus Domino before 7.0.3 uses an incorrect security context for @ formula commands in some circumstances, which might allow remote authenticated users to gain privileges and obtain sensitive information.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Lotus Domino 6.5.5 IBM Lotus Domino 6.5.6 IBM Lotus Domino 7.0 IBM Lotus Domino 7.0.2	10

Saint

bid	26176
description	Lotus Domino IMAP mailbox name buffer overflow
id	mail_imap_domino
osvdb	40953
title	lotus_domino_imap_mbox_name
type	remote

References

http://osvdb.org/40951
http://secunia.com/advisories/27321
http://www.securityfocus.com/bid/26176
http://www.vupen.com/english/advisories/2007/3598
http://www-1.ibm.com/support/docview.wss?uid=swg21273266
https://exchange.xforce.ibmcloud.com/vulnerabilities/37369