How severe is CVE-2007-4474?

The severity of CVE-2007-4474 has not been assessed with CVSS v3.

CVE-2007-4474

Name: domino_web_access
Author: ibm

NONE

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attacker

Опубликовано: 12/27/2007Обновлено: 4/9/2025

Описание

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.

ИИ-АнализНа базе ИИ

Затронутые продукты

ibmdomino_web_access

6.0

ibmdomino_web_access

6.0.1

ibmdomino_web_access

6.0.1.1

ibmdomino_web_access

6.0.2

ibmdomino_web_access

6.0.3

ibmdomino_web_access

6.0.4

ibmdomino_web_access

6.0.5

ibmdomino_web_access

6.5

ibmdomino_web_access

6.5.1

ibmdomino_web_access

6.5.2

ibmdomino_web_access

6.5.3

ibmdomino_web_access

6.5.4

ibmdomino_web_access

6.5.5

ibmdomino_web_access

7.0

ibmdomino_web_access

7.0.1

ibmlotus_domino_web_access

7.0.1

ibmlotus_domino_web_access

7.0.34.1

Описание

ИИ-АнализНа базе ИИ

Затронутые продукты

Доступные эксплойты (4)

IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Remote Buffer Overflow

IBM Domino Web Access Upload Module - 'dwa7w.dll' Remote Buffer Overflow

IBM Domino Web Access Upload Module - Overwrite (SEH)

IBM Lotus Domino Web Access Upload Module - Remote Buffer Overflow (Metasploit)

Ссылки