CVE-2007-3510

Properties

Published:
28.10.2007
Updated:
31.10.2007
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:H/Au:S/C:C/I:C/A:C)
Product:
IBM: Lotus Domino
IBM: Lotus Domino
IBM: Lotus Domino
IBM: Lotus Domino
IBM: Lotus Domino
IBM: Lotus Domino
IBM: Lotus Domino
IBM: Lotus Domino
IBM: Lotus Domino
IBM: Lotus Domino

Vulnerability description

Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name.

References:

IDEFENSE: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=605
http://www-1.ibm.com/support/docview.wss?uid=swg21270623: http://www-1.ibm.com/support/docview.wss?uid=swg21270623
BID: http://www.securityfocus.com/bid/26176
FRSIRT: http://www.frsirt.com/english/advisories/2007/3598
SECTRACK: http://www.securitytracker.com/id?1018854
SECUNIA: http://secunia.com/advisories/27321
XF: http://xforce.iss.net/xforce/xfdb/37365