What is CVE-2010-3407?

CVE-2010-3407 is a vulnerability in Ibm Lotus_domino, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-09-16.

Is CVE-2010-3407 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Ibm Lotus_domino

CVE-2010-3407

Stack-based buffer overflow in the MailCheck821Address function in nnotes.dll in the nrouter.exe service in the server in IBM Lotus Domino 8.0.x before 8.0.2 FP5 and 8.5.x before 8.5.1 FP2 allows remote attackers to execute arbitrary code…

Vulnerability class: Buffer Overflow

EPSS: 0.777 (99.0th percentile) — read the EPSS interpretation.

Affected products

Ibm Lotus_domino — versions 8.0.2.2, 8.5.1.1, 8.0.2.4
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

lotus-domino-icalendar-bo(61790) (vdb-entry, x_refsource_XF)
ADV-2010-2381 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
cve@mitre.org (x_refsource_MISC, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)
43219 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_MISC, Vendor Advisory)
41433 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (x_refsource_MISC, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2010-3407?: CVE-2010-3407 is a vulnerability in Ibm Lotus_domino, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-09-16.
Is CVE-2010-3407 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.