{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-02-25T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "inotes-activex-bo(56555)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"}, {"name": "62612", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/62612"}, {"name": "1023662", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1023662"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"}, {"name": "ADV-2010-0496", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0496"}, {"name": "38459", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38459"}, {"name": "38755", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38755"}, {"name": "38744", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38744"}, {"name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"}, {"name": "38457", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38457"}, {"name": "38681", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38681"}, {"name": "ADV-2010-0495", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0495"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-0919", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "inotes-activex-bo(56555)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"}, {"name": "62612", "refsource": "OSVDB", "url": "http://www.osvdb.org/62612"}, {"name": "1023662", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023662"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"}, {"name": "ADV-2010-0496", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0496"}, {"name": "38459", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38459"}, {"name": "38755", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38755"}, {"name": "38744", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38744"}, {"name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"}, {"name": "38457", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38457"}, {"name": "38681", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38681"}, {"name": "ADV-2010-0495", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0495"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T01:06:52.455Z"}, "title": "CVE Program Container", "references": [{"name": "inotes-activex-bo(56555)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"}, {"name": "62612", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/62612"}, {"name": "1023662", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1023662"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"}, {"name": "ADV-2010-0496", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/0496"}, {"name": "38459", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/38459"}, {"name": "38755", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/38755"}, {"name": "38744", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/38744"}, {"name": "20100301 IBM Lotus Domino Web Access ActiveX Stack Buffer Overflow Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"}, {"name": "38457", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/38457"}, {"name": "38681", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/38681"}, {"name": "ADV-2010-0495", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/0495"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-0919", "datePublished": "2010-03-03T19:00:00", "dateReserved": "2010-03-03T00:00:00", "dateUpdated": "2024-08-07T01:06:52.455Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "220211F3-8AF4-419E-BB10-0E954F002DFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "4854AD77-45A0-45AB-B9DA-77FFB7531C5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "86A823BB-48B7-4F84-A01A-754987FDBD00", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B653AE06-0056-45AA-B321-391EE70532B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D5C812F-4B1E-42A1-A478-978DF925D22D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "723845C5-91E1-4BED-B41F-9E0A0DB629D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:domino_web_access:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "DDDCE5E6-F37D-4D1B-B863-E8FE8ABA79E2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*", "matchCriteriaId": "DA92AB06-5510-4109-AE3A-75834E5F8A00", "versionEndIncluding": "229.271", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*", "matchCriteriaId": "62AF2DA6-98E4-4921-B36C-AA5771B3629E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*", "matchCriteriaId": "3CC0B87F-B742-466D-BF93-56BFECAC2E54", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*", "matchCriteriaId": "708BEAEF-B186-470D-8148-9C0703B42765", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*", "matchCriteriaId": "83C58751-33AE-4A3F-A096-AB13FC8A64A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*", "matchCriteriaId": "01E2E70E-3C00-4AA2-AF8D-349E82806FA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*", "matchCriteriaId": "3508BE09-6B84-4819-BC0F-7E23964FE29D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*", "matchCriteriaId": "1A17FFE5-97F5-45D0-8C54-3C22BF1FFA72", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*", "matchCriteriaId": "CE8C8052-8980-4265-929B-E27B6A914B4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*", "matchCriteriaId": "2D6C0F89-47E6-4895-909D-6AF8DBFE2477", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*", "matchCriteriaId": "590EBAF8-04A9-4DAD-9FCF-B1B38FF03374", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*", "matchCriteriaId": "717F7305-98E1-403D-B08A-6FE1FD83D2C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*", "matchCriteriaId": "3C4B46DA-B4E6-4AB0-AD85-7C77EFE14063", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*", "matchCriteriaId": "E1862CF3-0BF2-4F1B-80A9-0B5B02005A1C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*", "matchCriteriaId": "1CC9488A-F368-498E-8CDE-2ADC6AED470B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*", "matchCriteriaId": "A2F8C056-91A2-410B-942A-E108B93AD1E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*", "matchCriteriaId": "BCD1A2BB-F7FC-4FE1-B633-F0AF79E0F5FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*", "matchCriteriaId": "805C7074-679E-4F11-A055-8C52B4E26F5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*", "matchCriteriaId": "840A1975-0C5B-44F0-9F2E-1BBE02AA0484", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.231:*:*:*:*:*:*:*", "matchCriteriaId": "33A29245-F9DA-4F77-91EE-21C1FA3CE784", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.241:*:*:*:*:*:*:*", "matchCriteriaId": "B55ED49B-092B-411B-84AE-847770EE096B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.251:*:*:*:*:*:*:*", "matchCriteriaId": "483C2E2D-424C-453B-9D51-F53C6B32178B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_inotes:229.261:*:*:*:*:*:*:*", "matchCriteriaId": "4348F385-9AE1-4F8C-9F22-BE50FCA3710B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el control ActiveX Lotus Domino Web Access en IBM Lotus iNotes (alias Domino Web Access o DWA) 6.5, 7.0 en versiones anteriores a la 7.0.4, 8.0, 8.0.2 y en versiones anteriores a la 229.281 para Domino 8.0.2 FP4 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un argumento URL largo a un m\u00e9todo no especificado, alias PRAD7JTNHJ."}], "id": "CVE-2010-0919", "lastModified": "2024-11-21T01:13:12.660", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-03-03T19:30:00.743", "references": [{"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38681"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38744"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38755"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1023662"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/62612"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/38457"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/38459"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0495"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0496"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38681"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38744"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38755"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023662"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421808"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg27018109"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/62612"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/38457"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/38459"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0495"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0496"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56555"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}