7.1
CVSSv2

CVE-2007-0977

Published: 16/02/2007 Updated: 11/10/2017
CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6
VMScore: 715
Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N

Vulnerability Summary

IBM Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores HTTPPassword hashes from names.nsf in a manner accessible through Readviewentries and OpenDocument requests to the defaultview view, a different vector than CVE-2005-2428.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ibm lotus domino 5.0

ibm lotus domino 6.0

Exploits

#!/bin/bash # # $Id: raptor_dominohash,v 13 2007/02/13 17:27:28 raptor Exp $ # # raptor_dominohash - Lotus Domino R5/R6 HTTPPassword dump # Copyright (c) 2007 Marco Ivaldi <raptor@0xdeadbeefinfo> # # Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, # stores sensitive data from namesnsf in hidden form fields, w ...

Github Repositories

ViperX Offensive Security

ViperX Research labs Presentations | 0-days/CVE's | Articles | More+ Dear Colleagues and Partners, We are pleased to announce the establishment of the ViperX Research Labs Repository, a significant initiative aimed at advancing the field of cybersecurity through collaborative and transparent research Our decision to create this repository stems from a deep understanding