Vulnerability Description
The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Lotus Notes | All versions |
References
- http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.htmlVendor Advisory
- http://securitytracker.com/id?1014440
- http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.htmlVendor Advisory
- http://securitytracker.com/id?1014440
FAQ
What is CVE-2005-2175?
CVE-2005-2175 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based atta...
How severe is CVE-2005-2175?
CVE-2005-2175 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2175?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Notes.