Vulnerability Details CVE-2007-1739
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.152
EPSS Ranking 94.3%
CVSS Severity
CVSS v2 Score 7.8
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=494
- http://secunia.com/advisories/24633
- http://www-1.ibm.com/support/docview.wss?uid=swg21257248
- http://www.kb.cert.org/vuls/id/927988
- http://www.securityfocus.com/bid/23173
- http://www.securityfocus.com/bid/23174
- http://www.securitytracker.com/id?1017825
- http://www.vupen.com/english/advisories/2007/1133
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33278
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=494
- http://secunia.com/advisories/24633
- http://www-1.ibm.com/support/docview.wss?uid=swg21257248
- http://www.kb.cert.org/vuls/id/927988
- http://www.securityfocus.com/bid/23173
- http://www.securityfocus.com/bid/23174
- http://www.securitytracker.com/id?1017825
- http://www.vupen.com/english/advisories/2007/1133
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33278
Products affected by CVE-2007-1739
-
cpe:2.3:a:ibm:lotus_domino:7.0
-
cpe:2.3:a:ibm:lotus_domino:7.0.1
-
cpe:2.3:a:ibm:lotus_domino:7.0.2