Vulnerability Details : CVE-2007-5544
IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.
Products affected by CVE-2007-5544
- cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:7.0.2:-:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:6.5.5:-:*:*:*:*:*:*
Threat overview for CVE-2007-5544
Top countries where our scanners detected CVE-2007-5544
Top open port discovered on systems with this issue
110
IPs affected by CVE-2007-5544 109
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2007-5544!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2007-5544
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-5544
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.2
|
MEDIUM | AV:L/AC:H/Au:N/C:C/I:C/A:C |
1.9
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST | 2024-02-15 |
CWE ids for CVE-2007-5544
-
Assigned by: nvd@nist.gov (Primary)
-
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-5544
-
http://www.securityfocus.com/bid/26146
Broken Link;Third Party Advisory;VDB Entry
-
http://secunia.com/advisories/27321
About Secunia Research | FlexeraBroken Link;Patch;Vendor Advisory
-
http://www-1.ibm.com/support/docview.wss?uid=swg21257030
IBM notice: The page you requested cannot be displayedBroken Link;Patch
-
http://www.vupen.com/english/advisories/2007/3598
Webmail: access your OVH emails on ovhcloud.com | OVHcloudPermissions Required
-
http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txt
symantec.com has moved to broadcom.comNot Applicable
Jump to