Vulnerability Name: | CVE-2000-0891 (CCN-5045) | ||||||||
Assigned: | 2000-07-30 | ||||||||
Published: | 2000-07-30 | ||||||||
Updated: | 2018-08-13 | ||||||||
Summary: | A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email. | ||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2000-0891 Source: CCN Type: CIAC Information Bulletin K-062 Vulnerabilities in Lotus Notes Domino Aired at DefCon 8 Source: CCN Type: US-CERT VU#5962 Notes default ECL allows execution of unsigned code Source: CERT-VN Type: Exploit, Patch, Third Party Advisory, US Government Resource VU#5962 Source: CCN Type: Lotus IT Central Security Zone Comments on DefCon 8.0 Presentation on Domino Security Vulnerability Source: CCN Type: Notes.net Web site Notes/Domino Fix List SPR # CBAT45TU9S Source: CONFIRM Type: UNKNOWN http://www.notes.net/R5FixList.nsf/Search!SearchView&Query=CBAT45TU9S Source: CCN Type: OSVDB ID: 5827 IBM Lotus Notes Email Attachment Automatic Execution Source: CCN Type: Security Design International Web site FALLING DOMINOS FAQ Source: XF Type: UNKNOWN lotus-notes-bypass-ecl(5045) Source: XF Type: UNKNOWN lotus-notes-bypass-ecl(5045) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |