IBM Lotus Domino Web Server Unspecified Cross-Site Scripting Security Vulnerability
BID:26298
Info
IBM Lotus Domino Web Server Unspecified Cross-Site Scripting Security Vulnerability
| Bugtraq ID: | 26298 |
| Class: | Unknown |
| CVE: |
CVE-2007-5924 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 01 2007 12:00AM |
| Updated: | Nov 20 2007 07:14PM |
| Credit: | The vendor credits JPCERT/CC with the discovery of this issue. |
| Vulnerable: |
IBM Lotus Domino 7.0.3 IBM Lotus Domino 7.0.2 IBM Lotus Domino 7.0.1 IBM Lotus Domino 7.0 IBM Lotus Domino 6.5.6 IBM Lotus Domino 6.5.5 IBM Lotus Domino 6.5.4 IBM Lotus Domino 6.5.3 IBM Lotus Domino 6.5.2 IBM Lotus Domino 6.5.1 IBM Lotus Domino 6.5 .0 IBM Lotus Domino 6.0.5 IBM Lotus Domino 6.0.4 IBM Lotus Domino 6.0.4 IBM Lotus Domino 6.0.3 IBM Lotus Domino 6.0.2 IBM Lotus Domino 6.0.1 IBM Lotus Domino 6.0 |
| Not Vulnerable: | |
Discussion
IBM Lotus Domino Web Server Unspecified Cross-Site Scripting Security Vulnerability
IBM Lotus Domino Web Server is prone to an unspecified cross-site scripting vulnerability.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The issue affects IBM Lotus Domino 6.0, 6.5, and 7.0.
IBM Lotus Domino Web Server is prone to an unspecified cross-site scripting vulnerability.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
The issue affects IBM Lotus Domino 6.0, 6.5, and 7.0.
Exploit / POC
IBM Lotus Domino Web Server Unspecified Cross-Site Scripting Security Vulnerability
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
IBM Lotus Domino Web Server Unspecified Cross-Site Scripting Security Vulnerability
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
References
IBM Lotus Domino Web Server Unspecified Cross-Site Scripting Security Vulnerability
References:
References: