1. Home
  2. CVE Database
  3. CVE-2007-0977
HIGH · 7.1

CVE-2007-0977

IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to t...

Vulnerability Description

IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428.

CVSS Score

7.1

HIGH

AV:N/AC:M/Au:N/C:C/I:N/A:N
Confidentiality
COMPLETE
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IbmLotus Domino5.0

References

FAQ

What is CVE-2007-0977?

CVE-2007-0977 is a vulnerability with a CVSS score of 7.1 (HIGH). IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to t...

How severe is CVE-2007-0977?

CVE-2007-0977 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-0977?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Domino.