Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5544

Overview

Vulnerability Score 6.2 6.2
CVE Id CVE-2007-5544
Last Modified 07 Mar 2011 10:00:53
Published 29 Oct 2007 05:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2007-5544

Summary

IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.

Vulnerable Systems

Application

  • Ibm Lotus Domino 6.5.5

  • Ibm Lotus Domino 7.0

  • Ibm Lotus Domino 7.0.1

  • Ibm Lotus Domino 7.0.2

  • Ibm Lotus Notes 6.5.5

  • Ibm Lotus Notes 7.0.0

  • Ibm Lotus Notes 7.0.1

  • Ibm Lotus Notes 7.0.2


References

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21257030

SECUNIA - 27321

VUPEN - ADV-2007-3598

MISC - http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt

BID - 26146


Last Updated: 27 May 2016 10:46:12