Lucene search
MitreCVE-2009-3114HistorySep 09, 2009 - 10:30 p.m.
CVE-2009-3114
2009-09-0922:30:00
CWE-94
mitre
web.nvd.nist.gov
24
ibm lotus notes
rss reader
cve-2009-3114
security vulnerability
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.009
Percentile
82.6%
The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer’s Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K.
Affected configurations
Node
ibmlotus_notesMatch8.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | lotus_notes | 8.5 | cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2009-3114
2009-09-09 22:00:00
openvas
openvas
IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability - Windows
2009-09-11 00:00:00
IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability - Linux
2009-09-11 00:00:00
IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability (Windows)
2009-09-11 00:00:00
prion
prion
Design/Logic Flaw
2009-09-09 22:30:00
nvd
nvd
CVE-2009-3114
2009-09-09 22:30:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.009
Percentile
82.6%
Related for CVE-2009-3114