CVE-2022-44754
published 2022-12-19CVE-2022-44754: HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker…
PriorityP339high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EPSS
0.65%
46.3th percentile
HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44750. This vulnerability applies to software previously licensed by IBM.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hcl_software | domino | — | — |
| hcltech | domino | — | — |
| hcltech | domino | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x3vq-hc76-j6fw: IBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr
ghsa_unreviewed·2022-12-19·CVSS 9.8
CVE-2022-44754 [CRITICAL] CWE-787 GHSA-x3vq-hc76-j6fw: IBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr
IBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44750.
GHSA
GHSA-gm95-gj2v-2cqc: IBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr
ghsa_unreviewed·2022-12-19·CVSS 9.8
CVE-2022-44750 [CRITICAL] CWE-787 GHSA-gm95-gj2v-2cqc: IBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr
IBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44754.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-12-19
Published