What is CVE-2007-4474?

CVE-2007-4474 is a vulnerability in N/a. Published 2007-12-27.

Is CVE-2007-4474 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-4474

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonst…

EPSS: 0.873 (99.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

1019138 (vdb-entry, x_refsource_SECTRACK)
5111 (exploit, x_refsource_EXPLOIT-DB)
26972 (vdb-entry, x_refsource_BID)
20071220 IBM Domino Web Access Upload Control dwa7w.dll Memory Corruption (mailing-list, x_refsource_FULLDISC)
domino-dwa7w-bo(39175) (vdb-entry, x_refsource_XF)
4820 (exploit, x_refsource_EXPLOIT-DB)
VU#963889 (x_refsource_CERT-VN, third-party-advisory)
ADV-2007-4296 (vdb-entry, x_refsource_VUPEN)
28184 (x_refsource_SECUNIA, third-party-advisory)
4818 (exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2007-4474?: CVE-2007-4474 is a vulnerability in N/a. Published 2007-12-27.
Is CVE-2007-4474 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.