Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 10.0
CVE Id: CVE-2008-2240
Last Modified: 07 Mar 2011 10:08:53
Published: 22 May 2008 09:09:00
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE

CVE-2008-2240

Summary

Stack-based buffer overflow in the Web Server service in IBM Lotus Domino before 7.0.3 FP1, and 8.x before 8.0.1, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long Accept-Language HTTP header.

Vulnerable Systems

Application

  • IBM Lotus Domino 6.0
  • IBM Lotus Domino 6.5
  • IBM Lotus Domino 7.0
  • IBM Lotus Domino 8.0
  • IBM Lotus Domino 8.0.1


References

MISC - http://www.mwrinfosecurity.com/publications/mwri_ibm-lotus-domino-accept-language-stack-overflow_2008-05-20.pdf

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21303057

XF - ibm-lotusdomino-acceptlanguage-bo(42552)

VUPEN - ADV-2008-1597

SECTRACK - 1020098

BID - 29310

VIM - 20080522 Who's Right

SECUNIA - 30332

SECUNIA - 30310


Last Updated: 27 May 2016 10:47:48