Vulnerability Details : CVE-2008-7286
IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that request images, which allows remote authenticated users to cause a denial of service (daemon crash) via a request to resources.nsf, aka SPR XFXF7JDBCX.
Vulnerability category: Input validationDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2008-7286
Probability of exploitation activity in the next 30 days: 0.13%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 46 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2008-7286
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
3.5
|
LOW | AV:N/AC:M/Au:S/C:N/I:N/A:P |
6.8
|
2.9
|
NIST |
CWE ids for CVE-2008-7286
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-7286
-
http://www-01.ibm.com/support/docview.wss?uid=swg27013341
IBM Fix list for Lotus Quickr 8.1 services for Lotus Domino
Products affected by CVE-2008-7286
- cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*When used together with: IBM » Lotus Domino