CVE-2010-5251

3 documents3 sources

Severity

6.9MEDIUM

EPSS

0.1%

top 80.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Lotus Notes

Timeline

PublishedSep 7

Latest updateMay 17

Description

Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges via a Trojan horse (1) nnoteswc.dll or (2) nlsxbe.dll file in the current working directory, as demonstrated by a directory that contains a .vcf, .vcs, or .ics file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

▶NVDibm/lotus_notes8.5

🔴Vulnerability Details

GHSA

GHSA-m5m5-7j9f-hwpx: Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8↗2022-05-17

▶

CVEList

CVE-2010-5251: Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8↗2012-09-07

▶