fkie_cve-2010-4551
Vulnerability from fkie_nvd
Published
2010-12-16 20:00
Modified
2024-11-21 01:21
Severity ?
Summary
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by omitting the Internet ID field in the person document, and then using an Apple device to (1) accept or (2) decline an invitation.
References
cve@mitre.orghttp://www-1.ibm.com/support/docview.wss?uid=swg1LO49829Vendor Advisory
cve@mitre.orghttp://www-10.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_851_FP3_Release_Notes
cve@mitre.orghttp://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466&action=openDocument
af854a3a-2127-422b-91ae-364da2661108http://www-1.ibm.com/support/docview.wss?uid=swg1LO49829Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_851_FP3_Release_Notes
af854a3a-2127-422b-91ae-364da2661108http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466&action=openDocument
Impacted products
Vendor Product Version
ibm lotus_notes_traveler *
ibm lotus_notes_traveler 8.0
ibm lotus_notes_traveler 8.0.1
ibm lotus_notes_traveler 8.0.1.2
ibm lotus_notes_traveler 8.0.1.3
ibm lotus_notes_traveler 8.5.0.0
ibm lotus_notes_traveler 8.5.0.1
ibm lotus_notes_traveler 8.5.0.2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00ACA086-1D27-4FEA-A70A-4219ACADF6ED",
              "versionEndIncluding": "8.5.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by omitting the Internet ID field in the person document, and then using an Apple device to (1) accept or (2) decline an invitation."
    },
    {
      "lang": "es",
      "value": "IBM Lotus Notes Traveler anterior a v8.5.1.2 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (referencia a puntero nulo -NULL- y ca\u00edda de demonio), omitiendo el campo de la identificaci\u00f3n de Internet en el documento de persona, y despu\u00e9s usar un dispositivo de Apple para (1) aceptar o (2) rechazar una invitaci\u00f3n."
    }
  ],
  "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/476.html\r\n\r\n\u0027CWE-476: NULL Pointer Dereference\u0027",
  "id": "CVE-2010-4551",
  "lastModified": "2024-11-21T01:21:11.690",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-12-16T20:00:17.020",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1LO49829"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_851_FP3_Release_Notes"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466\u0026action=openDocument"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1LO49829"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_851_FP3_Release_Notes"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466\u0026action=openDocument"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.