Vulnerability Details : CVE-2010-3407
Public exploit exists!
Stack-based buffer overflow in the MailCheck821Address function in nnotes.dll in the nrouter.exe service in the server in IBM Lotus Domino 8.0.x before 8.0.2 FP5 and 8.5.x before 8.5.1 FP2 allows remote attackers to execute arbitrary code via a long e-mail address in an ORGANIZER:mailto header in an iCalendar calendar-invitation e-mail message, aka SPR NRBY7ZPJ9V.
Vulnerability category: OverflowExecute code
Threat overview for CVE-2010-3407
Top countries where our scanners detected CVE-2010-3407
Top open port discovered on systems with this issue
110
IPs affected by CVE-2010-3407 192
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2010-3407!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2010-3407
Probability of exploitation activity in the next 30 days: 93.65%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2010-3407
-
IBM Lotus Domino iCalendar MAILTO Buffer Overflow
Disclosure Date: 2010-09-14First seen: 2020-04-26exploit/windows/lotus/domino_icalendar_organizerThis module exploits a vulnerability found in IBM Lotus Domino iCalendar. By sending a long string of data as the "ORGANIZER;mailto" header, process "nRouter.exe" crashes due to a Cstrcpy() routine in nnotes.dll, which allows remote attackers to gain arbitrary cod
CVSS scores for CVE-2010-3407
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2010-3407
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-3407
-
http://www.securityfocus.com/archive/1/513706/100/0/threaded
SecurityFocus
-
http://www-10.lotus.com/ldd/r5fixlist.nsf/8d1c0550e6242b69852570c900549a74/613a204806e3f211852576e2006afa3d?OpenDocument
Notes/Domino Fix List - Lotus Notes/Domino 8.0.2 Fix Pack 5 Release NoticeVendor Advisory
-
http://www.exploit-db.com/exploits/15005
IBM Lotus Domino iCalendar - Email Address Stack Buffer Overflow - Multiple remote Exploit
-
http://www-01.ibm.com/support/docview.wss?uid=swg21446515
Stack buffer overflow vulnerability in Lotus Domino iCalendar functionalityVendor Advisory
-
http://labs.mwrinfosecurity.com/files/Advisories/mwri_lotus-domino-ical-stack-overflow_2010-09-14.pdf
Page not foundExploit
-
http://www.securityfocus.com/bid/43219
IBM Lotus Domino iCalendar Remote Stack Buffer Overflow Vulnerability
-
http://www-10.lotus.com/ldd/r5fixlist.nsf/8d1c0550e6242b69852570c900549a74/af36678d60bd74288525778400534d7c?OpenDocument
Notes/Domino Fix List - Lotus Notes/Domino 8.5.2 Maintenance Release - "Top 20" Fix ListVendor Advisory
-
http://www.zerodayinitiative.com/advisories/ZDI-10-177/
ZDI-10-177 | Zero Day Initiative
-
http://labs.mwrinfosecurity.com/advisories/lotus_domino_ical_stack_buffer_overflow/
IBM Lotus Domino iCalendar Email Address Stack Buffer Overflow Vulnerability
-
http://securitytracker.com/id?1024448
IBM Lotus Domino iCalendar Stack Overflow in MAILTO Processing Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www-10.lotus.com/ldd/r5fixlist.nsf/8d1c0550e6242b69852570c900549a74/52f9218288b51dcb852576c600741f72?OpenDocument
Notes/Domino Fix List - Lotus Notes/Domino 8.5.1 Fix Pack 2 Release NoticeVendor Advisory
-
http://www.vupen.com/english/advisories/2010/2381
Webmail | OVH- OVHVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/61790
IBM Lotus Domino iCalendar functionality buffer overflow CVE-2010-3407 Vulnerability Report
Products affected by CVE-2010-3407
- cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*