CVE-2010-0919

Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.

Published: Mar 3, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-0919
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
ibm / domino_web_access	8.0.2	8.0.2.x
ibm / domino_web_access	7.0	7.0.x
ibm / domino_web_access	7.0.1	7.0.1.x
ibm / domino_web_access	7.0.3	7.0.3.x
ibm / domino_web_access	6.5	6.5.x
ibm / domino_web_access	7.0.2	7.0.2.x
ibm / domino_web_access	8.0	8.0.x
ibm / lotus_inotes	-	229.271.x
ibm / lotus_inotes	229.011	229.011.x
ibm / lotus_inotes	229.021	229.021.x
ibm / lotus_inotes	229.031	229.031.x
ibm / lotus_inotes	229.041	229.041.x
ibm / lotus_inotes	229.051	229.051.x
ibm / lotus_inotes	229.061	229.061.x
ibm / lotus_inotes	229.101	229.101.x
ibm / lotus_inotes	229.111	229.111.x
ibm / lotus_inotes	229.131	229.131.x
ibm / lotus_inotes	229.141	229.141.x
ibm / lotus_inotes	229.151	229.151.x
ibm / lotus_inotes	229.161	229.161.x
ibm / lotus_inotes	229.171	229.171.x
ibm / lotus_inotes	229.181	229.181.x
ibm / lotus_inotes	229.191	229.191.x
ibm / lotus_inotes	229.201	229.201.x
ibm / lotus_inotes	229.211	229.211.x
ibm / lotus_inotes	229.221	229.221.x
ibm / lotus_inotes	229.231	229.231.x
ibm / lotus_inotes	229.241	229.241.x
ibm / lotus_inotes	229.251	229.251.x
ibm / lotus_inotes	229.261	229.261.x

Vulnerability Database

289,697

CVE-2010-0919