Описание
IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.
IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-5544
- http://secunia.com/advisories/27321
- http://www-1.ibm.com/support/docview.wss?uid=swg21257030
- http://www.securityfocus.com/bid/26146
- http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt
- http://www.vupen.com/english/advisories/2007/3598
Связанные уязвимости
IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.