CVE-2010-0275 : Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properl

Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properly handle script commands in the status-alerts URL, which has unspecified impact and attack vectors, aka SPR LSHR7TBM58.

Published 2010-01-09 18:30:02

Updated 2017-08-17 01:31:57

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2010-0275

Probability of exploitation activity in the next 30 days: 0.30%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 65 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2010-0275

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2010-0275

http://www.securityfocus.com/bid/37675

IBM Lotus Domino Web Access Multiple Unspecified Security Vulnerabilities

CVEs referencing this url
http://www-01.ibm.com/support/docview.wss?uid=swg27017776

8.0.2.3 Lotus iNotes (DWA) 229.261 Cumulative Interim Fix - Readme
Vendor Advisory

CVEs referencing this url
http://www.vupen.com/english/advisories/2010/0077

Webmail | OVH- OVH
Vendor Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/55471

IBM Lotus Domino Web Access script command unspecified CVE-2010-0275 Vulnerability Report

Products affected by CVE-2010-0275

IBM » Lotus Inotes
Versions up to, including, (<=) 229.231
cpe:2.3:a:ibm:lotus_inotes:*:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.021
cpe:2.3:a:ibm:lotus_inotes:229.021:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.011
cpe:2.3:a:ibm:lotus_inotes:229.011:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.041
cpe:2.3:a:ibm:lotus_inotes:229.041:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.031
cpe:2.3:a:ibm:lotus_inotes:229.031:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.101
cpe:2.3:a:ibm:lotus_inotes:229.101:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.061
cpe:2.3:a:ibm:lotus_inotes:229.061:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.051
cpe:2.3:a:ibm:lotus_inotes:229.051:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.191
cpe:2.3:a:ibm:lotus_inotes:229.191:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.181
cpe:2.3:a:ibm:lotus_inotes:229.181:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.211
cpe:2.3:a:ibm:lotus_inotes:229.211:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.201
cpe:2.3:a:ibm:lotus_inotes:229.201:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.131
cpe:2.3:a:ibm:lotus_inotes:229.131:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.111
cpe:2.3:a:ibm:lotus_inotes:229.111:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.171
cpe:2.3:a:ibm:lotus_inotes:229.171:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.161
cpe:2.3:a:ibm:lotus_inotes:229.161:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.221
cpe:2.3:a:ibm:lotus_inotes:229.221:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.151
cpe:2.3:a:ibm:lotus_inotes:229.151:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3
IBM » Lotus Inotes » Version: 229.141
cpe:2.3:a:ibm:lotus_inotes:229.141:*:*:*:*:*:*:*
Matching versions
When used together with: IBM » Lotus Domino » Version: 8.0.2.3

Vulnerability Details : CVE-2010-0275

Exploit prediction scoring system (EPSS) score for CVE-2010-0275

CVSS scores for CVE-2010-0275

References for CVE-2010-0275

Products affected by CVE-2010-0275