IBM Lotus Domino Web Access ActiveX Control Buffer Overflow Vulnerabilities

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an ActiveX control that is affected by
multiple buffer overflow vulnerabilities.

Description :

The remote host contains the Domino Web Access or iNotes6 Class
ActiveX control, which is used by IBM Lotus Domino for uploading files
and clearing the cache on logout.

The version of this control on the remote host reportedly contains
multiple stack-based buffer overflows. If a remote attacker can trick
a user on the affected host into visiting a specially crafted web
page, these flaws could be leveraged to execute arbitrary code on the
affected host with the privileges of that user.

See also :

http://seclists.org/fulldisclosure/2007/Dec/497

Solution :

Disable use of the affected ActiveX control from within Internet
Explorer by setting its kill bit, i.e. setting bit 0x400 of the
'Compatibility Flags' DWORD under the control's CLSID beneath
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility (and
under the Wow6432Node copy of that key on 64-bit Windows). Note that
the kill bit only stops Internet Explorer from instantiating the
control; the vulnerable DLL remains on disk and registered.
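The following PowerShell script is an added example of applying the solution above; it is not part of the Nessus plugin or of IBM's software. Because this page does not list the control's CLSID(s), the script locates the control by the class names the page does give ("Domino Web Access" and "iNotes6 Class"), which it assumes appear in the default value of the matching HKCR\CLSID subkey, reports the registered DLL and its file version, and then sets the Internet Explorer kill bit (Compatibility Flags |= 0x400) on every CLSID it found. Without -Apply it only reports what it would change; run it from an elevated prompt to actually write the registry.

```powershell
<#
  Added example (not part of the Nessus plugin): find the Domino Web Access /
  iNotes6 Class ActiveX control(s) by registered class name and set the IE
  kill bit on each CLSID found.
  Assumptions: the control's name is in the default value of its HKCR\CLSID
  subkey (no CLSIDs are hard-coded, since the plugin page lists none).
  Run elevated; use -Apply to write, omit it for a report-only dry run.
#>
param(
    [string[]]$NamePatterns = @('Domino Web Access', 'iNotes6 Class'),
    [switch]$Apply
)

# Microsoft's documented kill-bit flag for the ActiveX Compatibility key.
$KillBit = 0x400

function Find-ActiveXByName {
    param([string[]]$Patterns)
    $hits = @()
    foreach ($key in Get-ChildItem -Path 'Registry::HKEY_CLASSES_ROOT\CLSID' -ErrorAction SilentlyContinue) {
        $name = $key.GetValue('')            # default value = human-readable class name
        if (-not $name) { continue }
        foreach ($p in $Patterns) {
            if ($name -like "*$p*") {
                $inproc = $key.OpenSubKey('InprocServer32')
                $dll = if ($inproc) { [string]$inproc.GetValue('') } else { $null }
                if ($dll) { $dll = $dll.Trim('"') }
                $ver = if ($dll -and (Test-Path -LiteralPath $dll)) {
                    (Get-Item -LiteralPath $dll).VersionInfo.FileVersion
                } else { 'n/a' }
                $hits += [pscustomobject]@{ CLSID = $key.PSChildName; Name = $name; Dll = $dll; Version = $ver }
                break
            }
        }
    }
    return $hits
}

function Set-ActiveXKillBit {
    param([string]$Clsid, [switch]$Apply)
    $paths = @("HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid")
    if ([Environment]::Is64BitOperatingSystem) {
        # 32-bit IE on 64-bit Windows reads the Wow6432Node copy of the key.
        $paths += "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
    }
    foreach ($path in $paths) {
        $current = 0
        if (Test-Path $path) {
            $v = (Get-ItemProperty -Path $path -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
            if ($null -ne $v) { $current = [int]$v }
        }
        $new = $current -bor $KillBit     # preserve any other flags already set
        if (-not $Apply) {
            Write-Host ("[dry run] {0}: Compatibility Flags 0x{1:X} -> 0x{2:X}" -f $path, $current, $new)
            continue
        }
        if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
        Set-ItemProperty -Path $path -Name 'Compatibility Flags' -Value $new -Type DWord
        # Read back and verify the kill bit is now set.
        $check = (Get-ItemProperty -Path $path -Name 'Compatibility Flags').'Compatibility Flags'
        if (([int]$check -band $KillBit) -ne 0) {
            Write-Host ("Kill bit set: {0} (Compatibility Flags = 0x{1:X})" -f $path, $check)
        } else {
            Write-Warning "Kill bit NOT set on $path"
        }
    }
}

$controls = Find-ActiveXByName -Patterns $NamePatterns
if (-not $controls) {
    Write-Host 'No ActiveX control matching the Domino Web Access / iNotes6 Class names is registered on this host.'
    return
}
$controls | Format-Table -AutoSize
foreach ($c in $controls) { Set-ActiveXKillBit -Clsid $c.CLSID -Apply:$Apply }
```

After applying, the same host should no longer be flagged by the plugin, and a rescan is the simplest confirmation. Keep the name-based lookup in mind as a limitation: a control registered under a different display name, or one reachable only through a different CLSID, would be missed, so cross-check the CLSIDs against the vendor's own advisory where one is available.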

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 29801 (domino_web_access_overflows.nasl)

Bugtraq ID: 26972

CVE ID: CVE-2007-4474
