HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44755. This vulnerability applies to software previously licensed by IBM.
References
Link | Resource |
---|---|
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100260 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
01 Mar 2023, 15:20
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100260 - Vendor Advisory | |
Summary | HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44755. This vulnerability applies to software previously licensed by IBM. | |
CPE | cpe:2.3:a:ibm:notes:10.0.1:interim_fix_1:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_7:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_4:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_5:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_5:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_2:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_8:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_9:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_3:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:-:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_3:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:-:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_1:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_6:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_2:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_10:*:*:*:*:*:* cpe:2.3:a:ibm:notes:*:*:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_7:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_6:*:*:*:*:*:* |
cpe:2.3:a:hcltech:notes:9.0.1:fp4if1:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:10.0.1:fp5:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp10if8:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp5if3:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp10if3:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp3if2:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp9if1:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp8if1:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:10.0.1:fp2:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:10.0.1:fp6:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp5if2:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:10.0.1:fp7:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp7if1:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp3if3:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:-:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp10if6:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:10.0.1:fp4:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp4if2:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp2if1:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:10.0.1:fp1:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp3if1:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp1if2:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp10if2:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp2if4:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp10if10:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp3if4:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp7if2:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp2if3:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp5if1:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp10if7:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp10if5:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:10.0.1:fp3:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp9if2:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp10:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp10if4:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:10.0.1:-:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp10if1:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp2if2:*:*:*:*:*:* cpe:2.3:a:hcltech:notes:9.0.1:fp1if1:*:*:*:*:*:* |
22 Dec 2022, 20:05
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-787 | |
References | (MISC) https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100260 - Third Party Advisory | |
CPE | cpe:2.3:a:ibm:notes:10.0.1:-:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_3:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_4:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_9:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_1:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_6:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_2:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_7:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_10:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_4:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_2:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_7:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_1:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_6:*:*:*:*:*:* cpe:2.3:a:ibm:notes:10.0.1:interim_fix_5:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:-:*:*:*:*:*:* cpe:2.3:a:ibm:notes:*:*:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_5:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_8:*:*:*:*:*:* cpe:2.3:a:ibm:notes:9.0.1.10:interim_fix_3:*:*:*:*:*:* |
19 Dec 2022, 13:12
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-19 11:15
Updated : 2024-02-04 23:14
NVD link : CVE-2022-44751
Mitre link : CVE-2022-44751
CVE.ORG link : CVE-2022-44751
JSON object : View
Products Affected
hcltech
- notes
CWE
CWE-787
Out-of-bounds Write