CVE-2022-44750

HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44754. This vulnerability applies to software previously licensed by IBM.

Published: Dec 19, 2022
Updated: Nov 8, 2023
CVE: CVE-2022-44750
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
hcltech / domino	9.0.1	9.0.1.x
hcltech / domino	9.0.1-feature_pack_10_interim_fix_3	9.0.1-feature_pack_10_interim_fix_3.x
hcltech / domino	9.0.1-feature_pack_10_interim_fix_4	9.0.1-feature_pack_10_interim_fix_4.x
hcltech / domino	9.0.1-feature_pack_8	9.0.1-feature_pack_8.x
hcltech / domino	9.0.1-feature_pack_8_interim_fix_1	9.0.1-feature_pack_8_interim_fix_1.x
hcltech / domino	9.0.1-feature_pack_8_interim_fix_2	9.0.1-feature_pack_8_interim_fix_2.x
hcltech / domino	9.0.1-feature_pack_8_interim_fix_3	9.0.1-feature_pack_8_interim_fix_3.x
hcltech / domino	9.0.1-feature_pack_10_interim_fix_5	9.0.1-feature_pack_10_interim_fix_5.x
hcltech / domino	9.0	9.0.x
hcltech / domino	9.0.1-fixpack_10	9.0.1-fixpack_10.x
hcltech / domino	9.0.1-fixpack_3	9.0.1-fixpack_3.x
hcltech / domino	9.0.1-fixpack_4	9.0.1-fixpack_4.x
hcltech / domino	9.0.1-fixpack_5	9.0.1-fixpack_5.x
hcltech / domino	9.0.1-fixpack_6	9.0.1-fixpack_6.x
hcltech / domino	9.0.1-fixpack_7	9.0.1-fixpack_7.x
hcltech / domino	9.0.1-fixpack_8	9.0.1-fixpack_8.x
hcltech / domino	9.0.1-fixpack_9	9.0.1-fixpack_9.x

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102151

Vulnerability Database

289,784

CVE-2022-44750