Lucene search

MitreCVE-2009-3038

HistorySep 01, 2009 - 4:30 p.m.

CVE-2009-3038

2009-09-0116:30:00

mitre

web.nvd.nist.gov

cve-2009-3038

activex control

lnresobject.dll

rim

lotus notes connector

blackberry desktop manager

denial of service

internet explorer

crash

vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.005

Percentile

75.6%

JSON

A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research In Motion (RIM) Lotus Notes connector for BlackBerry Desktop Manager 5.0.0.11 allows remote attackers to cause a denial of service (Internet Explorer crash) by referencing the control’s CLSID in the classid attribute of an OBJECT element.

Affected configurations

Nvd

Node

ibmlotus_notes_connectorblackberry_desktop_manager_5.0.0.11

AND

rimblackberry_desktop_managerMatch5.0.0.11

VendorProductVersionCPE
ibmlotus_notes_connector*cpe:2.3:a:ibm:lotus_notes_connector:*:*:blackberry_desktop_manager_5.0.0.11:*:*:*:*:*
rimblackberry_desktop_manager5.0.0.11cpe:2.3:a:rim:blackberry_desktop_manager:5.0.0.11:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_notes_connector	*	cpe:2.3:a:ibm:lotus_notes_connector:::blackberry_desktop_manager_5.0.0.11:::::*
rim	blackberry_desktop_manager	5.0.0.11	cpe:2.3:a:rim:blackberry_desktop_manager:5.0.0.11:::::::*

References

www.exploit-db.com/exploits/9517

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.005

Percentile

75.6%

JSON

Related for CVE-2009-3038