Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2010-3407
HistorySep 16, 2010 - 9:00 p.m.

CVE-2010-3407

2010-09-1621:00:02
CWE-119
mitre
web.nvd.nist.gov
47
cve-2010-3407
buffer overflow
mailcheck821address
nrouter.exe
ibm lotus domino 8.0.x
ibm lotus domino 8.5.x
remote code execution
email header
icalendar
calendar-invitation
nvd
security vulnerability

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.928

Percentile

99.1%

JSON

Stack-based buffer overflow in the MailCheck821Address function in nnotes.dll in the nrouter.exe service in the server in IBM Lotus Domino 8.0.x before 8.0.2 FP5 and 8.5.x before 8.5.1 FP2 allows remote attackers to execute arbitrary code via a long e-mail address in an ORGANIZER:mailto header in an iCalendar calendar-invitation e-mail message, aka SPR NRBY7ZPJ9V.

Affected configurations

Nvd
Node
ibmlotus_dominoMatch8.0
OR
ibmlotus_dominoMatch8.0.1
OR
ibmlotus_dominoMatch8.0.2
OR
ibmlotus_dominoMatch8.0.2.1
OR
ibmlotus_dominoMatch8.0.2.2
OR
ibmlotus_dominoMatch8.0.2.3
OR
ibmlotus_dominoMatch8.0.2.4
OR
ibmlotus_dominoMatch8.5.0
OR
ibmlotus_dominoMatch8.5.0.1
OR
ibmlotus_dominoMatch8.5.1
OR
ibmlotus_dominoMatch8.5.1.1
VendorProductVersionCPE
ibmlotus_domino8.0cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*
ibmlotus_domino8.0.1cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*
ibmlotus_domino8.0.2cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*
ibmlotus_domino8.0.2.1cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*
ibmlotus_domino8.0.2.2cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*
ibmlotus_domino8.0.2.3cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*
ibmlotus_domino8.0.2.4cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*
ibmlotus_domino8.5.0cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*
ibmlotus_domino8.5.0.1cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*
ibmlotus_domino8.5.1cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 111

References

Related

metasploit 1
saint 4
prion 1
openvas 1
nessus 1
d2 1
packetstorm 1
exploitdb 2
cvelist 1
nvd 1
metasploit
metasploit
IBM Lotus Domino iCalendar MAILTO Buffer Overflow
2011-04-04 17:43:34
saint
saint
Lotus Domino nrouter.exe iCalendar MAILTO buffer overflow
2010-09-24 00:00:00
Lotus Domino nrouter.exe iCalendar MAILTO buffer overflow
2010-09-24 00:00:00
Lotus Domino nrouter.exe iCalendar MAILTO buffer overflow
2010-09-24 00:00:00
prion
prion
Stack overflow
2010-09-16 21:00:00
openvas
openvas
IBM Lotus Domino iCalendar Remote Stack Buffer Overflow Vulnerability
2010-09-29 00:00:00
nessus
nessus
IBM Lotus Domino iCalendar Email Address ORGANIZER:mailto Header Remote Overflow
2011-04-22 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_LOTUSCAL
2010-09-16 21:00:00
packetstorm
packetstorm
IBM Lotus Domino iCalendar MAILTO Buffer Overflow
2011-04-06 00:00:00
exploitdb
exploitdb
IBM Lotus Domino iCalendar - Email Address Stack Buffer Overflow
2010-09-14 00:00:00
IBM Lotus Domino iCalendar - MAILTO Buffer Overflow (Metasploit)
2011-04-04 00:00:00
cvelist
cvelist
CVE-2010-3407
2010-09-16 20:00:00
nvd
nvd
CVE-2010-3407
2010-09-16 21:00:02

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

Low

EPSS

0.928

Percentile

99.1%

JSON
Related for CVE-2010-3407
metasploit1saint4prion1openvas1nessus1d21packetstorm1exploitdb2cvelist1nvd1