Vulnerability Details : CVE-2010-4551
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by omitting the Internet ID field in the person document, and then using an Apple device to (1) accept or (2) decline an invitation.
Vulnerability category: Memory CorruptionDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2010-4551
Probability of exploitation activity in the next 30 days: 0.16%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 51 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-4551
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:P |
8.0
|
2.9
|
NIST |
References for CVE-2010-4551
-
http://www-1.ibm.com/support/docview.wss?uid=swg1LO49829
IBM LO49829: TRAVELER STOPS FUNCTIONING WHEN PROCESSING AN INVITATION.Vendor Advisory
-
http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_851_FP3_Release_Notes
IBM Notes and Domino wiki : IBM Notes Traveler : Lotus Notes Traveler 851 FP3 Release Notes
-
http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466&action=openDocument
IBM Notes and Domino wiki : Lotus Notes Traveler : Lotus Notes Traveler APAR listing
Products affected by CVE-2010-4551
- cpe:2.3:a:ibm:lotus_notes_traveler:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*