CVE-2007-3510 — Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM Lotus Domino

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents4 sources

Severity

9.0CRITICALNVD

EPSS

8.7%

top 7.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Lotus Domino

Timeline

PublishedOct 29

Latest updateMay 1

Description

Buffer overflow in the IMAP service in IBM Lotus Domino before 6.5.6 FP2, and 7.x before 7.0.3, allows remote authenticated users to execute arbitrary code via a long mailbox name.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/lotus_domino4 versions+3

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-xg2j-5v2f-c764: Buffer overflow in the IMAP service in IBM Lotus Domino before 6↗2022-05-01

▶

CVEList

CVE-2007-3510: Buffer overflow in the IMAP service in IBM Lotus Domino before 6↗2007-10-29

▶

💬Community

Bugzilla

A number of tomcat issues↗2007-05-09

▶

Bugzilla

CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195 CVE-2006-7196 CVE-2007-1858 CVE-2006-3835 CVE-2005-3510 CVE-2005-4838)↗2007-04-30

▶