How severe is CVE-2007-4474?

The severity of CVE-2007-4474 has not been assessed with CVSS v3.

CVE-2007-4474: Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attacker | Zerodai Security

Name: domino_web_access
Author: ibm

説明

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.

AI分析AIによる分析

影響を受ける製品

ibmdomino_web_access

6.0

ibmdomino_web_access

6.0.1

ibmdomino_web_access

6.0.1.1

ibmdomino_web_access

6.0.2

ibmdomino_web_access

6.0.3

ibmdomino_web_access

6.0.4

ibmdomino_web_access

6.0.5

ibmdomino_web_access

6.5

ibmdomino_web_access

6.5.1

ibmdomino_web_access

6.5.2

ibmdomino_web_access

6.5.3

ibmdomino_web_access

6.5.4

ibmdomino_web_access

6.5.5

ibmdomino_web_access

7.0

ibmdomino_web_access

7.0.1

ibmlotus_domino_web_access

7.0.1

ibmlotus_domino_web_access

7.0.34.1

説明

AI分析AIによる分析

影響を受ける製品

利用可能なエクスプロイト (4)

IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Remote Buffer Overflow

IBM Domino Web Access Upload Module - 'dwa7w.dll' Remote Buffer Overflow

IBM Domino Web Access Upload Module - Overwrite (SEH)

IBM Lotus Domino Web Access Upload Module - Remote Buffer Overflow (Metasploit)

参照