9.0.1

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

hcltech

CWE-787

NVD

Published: 2022-12-19

Updated: 2023-11-07

Summary

HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. This vulnerability applies to software previously licensed by IBM.

Vulnerable Configurations

Part	Description	Count
Application	Hcltech Hcltech Notes 9.0.1 Hcltech Notes 10.0.1	39

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100260