Vulnerability Description
IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC, which allows local users to obtain sensitive information, or inject Lotus Script or other character sequences into a session.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Lotus Domino | < 6.5.5 |
| Ibm | Lotus Notes | <= 6.5.5 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/27321Broken LinkPatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg21257030Broken LinkPatch
- http://www.securityfocus.com/bid/26146Broken LinkThird Party AdvisoryVDB Entry
- http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txtNot Applicable
- http://www.vupen.com/english/advisories/2007/3598Permissions Required
- http://secunia.com/advisories/27321Broken LinkPatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg21257030Broken LinkPatch
- http://www.securityfocus.com/bid/26146Broken LinkThird Party AdvisoryVDB Entry
- http://www.symantec.com/content/en/us/enterprise/research/SYMSA-2007-013.txtNot Applicable
- http://www.vupen.com/english/advisories/2007/3598Permissions Required
FAQ
What is CVE-2007-5544?
CVE-2007-5544 is a vulnerability with a CVSS score of 7.8 (HIGH). IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7.0.2 FP1; uses weak permissions (Everyone:Full Control) for memory mapped files (shared memory) in IPC,...
How severe is CVE-2007-5544?
CVE-2007-5544 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5544?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Domino, Ibm Lotus Notes.