CVE-2004-0480

Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that…

mitre·CWE-88·Published 2004-06-30

CVSS

—

EPSS

0.09

KEV

Exploits

cve.orgen

238 chars

Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe.

NVDen

238 chars

NVDes

268 chars

Vulnerabilidad de inyección de argumentos en IBM Lotus Notes 6.0.3 y 6.5 permite a atacantes remotos ejecutar código de su eleccion mediante una URI notes: que usa un nombre de ruta de red UNC para proveer un fichero de configuración notes.ini alternativo a notes.exe.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	10.0	10.0	10.0	AV:N/AC:L/Au:N/C:C/I:C/A:C