Vulnerability Details CVE-2005-2454
IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the "Notes" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.7%
CVSS Severity
CVSS v2 Score 4.6
References
- http://secunia.com/advisories/19537
- http://secunia.com/advisories/27342
- http://secunia.com/secunia_research/2005-29/advisory/
- http://securitytracker.com/id?1017086
- http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21246773
- http://www.kb.cert.org/vuls/id/383092
- http://www.osvdb.org/29761
- http://www.securityfocus.com/archive/1/449126/100/0/threaded
- http://www.securityfocus.com/bid/20612
- http://www.vupen.com/english/advisories/2006/4093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29660
- http://secunia.com/advisories/19537
- http://secunia.com/advisories/27342
- http://secunia.com/secunia_research/2005-29/advisory/
- http://securitytracker.com/id?1017086
- http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21246773
- http://www.kb.cert.org/vuls/id/383092
- http://www.osvdb.org/29761
- http://www.securityfocus.com/archive/1/449126/100/0/threaded
- http://www.securityfocus.com/bid/20612
- http://www.vupen.com/english/advisories/2006/4093
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29660
Products affected by CVE-2005-2454
-
cpe:2.3:a:ibm:lotus_notes:6.5.4
-
cpe:2.3:a:ibm:lotus_notes:6.5.5
-
cpe:2.3:a:ibm:lotus_notes:7.0.0
-
cpe:2.3:a:ibm:lotus_notes:7.0.1