CVE-2007-1739
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/03/2007
Last modified:
09/04/2025
Description
Heap-based buffer overflow in the LDAP server in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service (crash) via a long, malformed DN request, which causes only the lower 16 bits of the string length to be used in memory allocation.
Impact
Base Score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ibm:lotus_domino:7.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_domino:7.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_domino:7.0.2:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=494
- http://secunia.com/advisories/24633
- http://www-1.ibm.com/support/docview.wss?uid=swg21257248
- http://www.kb.cert.org/vuls/id/927988
- http://www.securityfocus.com/bid/23173
- http://www.securityfocus.com/bid/23174
- http://www.securitytracker.com/id?1017825=
- http://www.vupen.com/english/advisories/2007/1133
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33278
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=494
- http://secunia.com/advisories/24633
- http://www-1.ibm.com/support/docview.wss?uid=swg21257248
- http://www.kb.cert.org/vuls/id/927988
- http://www.securityfocus.com/bid/23173
- http://www.securityfocus.com/bid/23174
- http://www.securitytracker.com/id?1017825=
- http://www.vupen.com/english/advisories/2007/1133
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33278