CVE-2010-0275
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/01/2010
Last modified:
09/04/2025
Description
Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:* | 229.231 (including) | |
| cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/38026
- http://www-01.ibm.com/support/docview.wss?uid=swg27017776
- http://www.securityfocus.com/bid/37675
- http://www.vupen.com/english/advisories/2010/0077
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55471
- http://secunia.com/advisories/38026
- http://www-01.ibm.com/support/docview.wss?uid=swg27017776
- http://www.securityfocus.com/bid/37675
- http://www.vupen.com/english/advisories/2010/0077
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55471