Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-2280Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM Lotus Notes

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
3.9%
top 11.66%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM Lotus Notes
Timeline
PublishedDec 31
Latest updateApr 29

Description

Buffer overflow in IBM Lotus Notes 6.5.x before 6.5.3 and 6.0.x before 6.0.5 allows remote attackers to cause a denial of service (crash) via unknown vectors related to Java applets, as identified by KSPR62F4KN.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/lotus_notes10 versions+9

Patches

Patch: www-1.ibm.comPatch: www.osvdb.orgPatch: www-1.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-9vxf-mr7f-qm9r: Buffer overflow in IBM Lotus Notes 62022-04-29
CVEList
CVE-2004-2280: Buffer overflow in IBM Lotus Notes 62005-07-19

💥Exploits & PoCs

1
Exploit-DB
IBM Lotus Notes 6.0/6.5 - Multiple Java Applet Vulnerabilities2004-07-13