CVE-2008-0066

CWE-119Buffer Overflow3 documents3 sources
Severity
9.3CRITICAL
EPSS
27.1%
top 3.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Notes
Timeline
PublishedApr 10
Latest updateMay 1

Description

Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDibm/lotus_notes7.0.2, 7.0.3+1

🔴Vulnerability Details

2
GHSA
GHSA-vp2r-hrg5-8665: Multiple buffer overflows in htmsr2022-05-01
CVEList
CVE-2008-0066: Multiple buffer overflows in htmsr2008-04-10
CVE-2008-0066 (CRITICAL CVSS 9.3) | Multiple buffer overflows in htmsr. | cvebase.io