HIGH🇵🇱 Wersja polska

CVE-2004-0480

CVSS 10.0v2.0pub. 2004-12-06upd. 2026-04-16

Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • IBM Lotus Notes

    APP
    Ibm
    6.0.36.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2013-0522HIGH7.0ten sam produkt

The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Win...

CVE-2014-3086HIGH7.5ten sam produkt

Unspecified vulnerability in the IBM Java Virtual Machine, as used in IBM WebSphere Real Time 3 before Service...

CVE-2012-6349HIGH9.3ten sam produkt

Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allo...

CVE-2013-0536HIGH7.2ten sam produkt

ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3...

CVE-2012-4822HIGH9.3ten sam produkt

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and ea...