VYPR
Unrated severityNVD Advisory· Published Dec 27, 2007· Updated Jun 16, 2026

CVE-2007-4474

CVE-2007-4474

Description

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

19
  • cpe:2.3:a:ibm:domino_web_access:6.0:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:ibm:domino_web_access:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:6.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:domino_web_access:7.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino_web_access:7.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:lotus_domino_web_access:7.0.34.1:*:*:*:*:*:*:*
  • IBM/Lotus Dominollm-create
    Range: 6.x and 7.x
  • Range: 6.x and 7.x

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.