PT-2008-1667 · Ibm · Ibm Lotus Notes

Published

2008-03-09

Updated

2011-03-08

CVE-2007-6706

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM Lotus Notes versions 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0

Description The issue allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP.

Recommendations For IBM Lotus Notes version 6.5, update to a version later than 6.5. For IBM Lotus Notes version 7.0.x, update to 7.0.2 CCH or 7.0.3, or later. For IBM Lotus Notes version 8.0, if affected, update to a later version that addresses this issue.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2007-6706

Affected Products

Ibm Lotus Notes

PT-2008-1667 · Ibm · Ibm Lotus Notes

CVE-2007-6706

Weakness Enumeration

Related Identifiers

Affected Products

References · 7