CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-3114

The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/36813
http://www-01.ibm.com/support/docview.wss?uid=swg21403834
http://www.scip.ch/?vuldb.4021
http://www.securityfocus.com/archive/1/506296/100/0/threaded
http://www.securityfocus.com/bid/36305
http://secunia.com/advisories/36813
http://www-01.ibm.com/support/docview.wss?uid=swg21403834
http://www.scip.ch/?vuldb.4021
http://www.securityfocus.com/archive/1/506296/100/0/threaded
http://www.securityfocus.com/bid/36305

Products affected by CVE-2009-3114

Ibm » Lotus Notes » Version: 8.5

cpe:2.3:a:ibm:lotus_notes:8.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-3114

Products

Pricing

Contact Us