Description
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation.
References
- Vendor Advisory
- Exploit, Vendor Advisory
- US Government Resource
- Vendor Advisory
- Exploit, Vendor Advisory
- US Government Resource
Vulnerable configurations
Configuration 1
Any of
cpe:2.3:a:ibm:lotus_domino:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_domino:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_domino:7.0.2:*:*:*:*:*:*:*
EPSS
Percentile: 94%
0.15448
Medium
7.8 High
CVSS2
Weaknesses
NVD-CWE-Other
Related vulnerabilities
github
almost 4 years ago
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation.