CVE-2007-4474 Information

Description

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2007-December/059233.html
http://osvdb.org/40954
http://secunia.com/advisories/28184
http://www.kb.cert.org/vuls/id/963889
http://www.securityfocus.com/bid/26972
http://www.securitytracker.com/id?1019138
http://www.vupen.com/english/advisories/2007/4296
https://exchange.xforce.ibmcloud.com/vulnerabilities/39175
https://www.exploit-db.com/exploits/4818
https://www.exploit-db.com/exploits/4820
https://www.exploit-db.com/exploits/5111
