CVE-2008-1217

CWE-94Code Injection3 documents3 sources
Severity
9.3CRITICAL
EPSS
3.4%
top 12.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Notes
Timeline
PublishedMar 9
Latest updateMay 1

Description

Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDibm/lotus_notes6.5, 7.0.2, 8.0.0+2

🔴Vulnerability Details

2
GHSA
GHSA-6xm8-h4fw-jrr6: Unspecified vulnerability in nlnotes2022-05-01
CVEList
CVE-2008-1217: Unspecified vulnerability in nlnotes2008-03-09
CVE-2008-1217 (CRITICAL CVSS 9.3) | Unspecified vulnerability in nlnote | cvebase.io