- Description
- The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
- Comment
- -
- Impact
- -
- Solution
- -
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_sametime:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4EC83731-C73B-4891-8EBF-743938F841B2",
"versionEndIncluding": "7.0"
},
{
"criteria": "cpe:2.3:a:ibm:lotus_sametime:7.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C5FF0F3-D0E6-4933-8826-50C5584D0615"
}
],
"operator": "OR"
}
]
}
]