PT-2007-6566 · Ibm · Ibm Lotus Notes+1
Published
2007-10-29
·
Updated
2024-02-15
·
CVE-2007-5544
CVSS v2.0
6.2
Medium
| Vector | AV:L/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM Lotus Notes versions prior to 6.5.6 and 7.x prior to 7.0.3
IBM Domino versions prior to 6.5.5 FP3 and 7.x prior to 7.0.2 FP1
Description
The issue allows local users to obtain sensitive information or inject Lotus Script into a session due to weak permissions for memory mapped files in IPC.
Recommendations
For IBM Lotus Notes versions prior to 6.5.6 and 7.x prior to 7.0.3, update to a version that includes the necessary security fixes.
For IBM Domino versions prior to 6.5.5 FP3 and 7.x prior to 7.0.2 FP1, update to a version that includes the necessary security fixes.
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Domino
Ibm Lotus Notes