NVD

Id
56597  
Name
CVE-2007-4474  
Description
Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-12-27  
Modified Date
2011-03-07  
Seq
2007-4474  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
288389 56597 CVE-2007-4474 20071220 IBM Domino Web Access Upload Control dwa7w.dll Memory Corruption  View
288390 56597 CVE-2007-4474 VU#963889  View
288391 56597 CVE-2007-4474 4818  View
288392 56597 CVE-2007-4474 4820  View
288393 56597 CVE-2007-4474 5111  View
288394 56597 CVE-2007-4474 26972  View
288395 56597 CVE-2007-4474 1019138  View
288396 56597 CVE-2007-4474 ADV-2007-4296  View
288397 56597 CVE-2007-4474 domino-dwa7w-bo(39175)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
52393 JVNDB-2007-001085 IBM Lotus Domino Web Access の ActiveX control における複数のバッファオーバーフローの脆弱性 Domino の inotes6.dll および inotes6w.dll, dwa7.dll, dwa7w.dll で規定される IBM Lotus Domino ウェブアクセス ActiveX コントロールには、複数のスタックベースのバッファオーバーフローが発生する脆弱性が存在します。 CVE-2007-4474 27829 CVE-2007-4474 56597 9.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001085.html 2007-12-20 2008-01-22 View