CVE-2007-4309

Published: Aug 13, 2007Modified: Apr 23, 2026

3.5

Vector

AV:N/AC:M/Au:S/C:P/I:N/A:N

Exploitability: 6.8 / Impact: 2.9

Source: NVD

Description

IBM Lotus Notes 5.x through 7.0.2 allows user-assisted remote authenticated administrators to obtain a cleartext notes.id password by setting the notes.ini (1) KFM_ShowEntropy and (2) Debug_Outfile debug variables, a different vulnerability than CVE-2005-2696.

Affected (5)

Products: Ibm: Lotus Notes

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Ibm Lotus Notes	Version 5.0
Ibm Lotus Notes	Version 6.0
Ibm Lotus Notes	Version 7.0.1
Ibm Lotus Notes	Version 7.0.2
Ibm Lotus Notes	Version 7.0

References (6)

http://securitytracker.com/id?1018433

Source: cve@mitre.org

http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085

Source: cve@mitre.org

http://www.heise-security.co.uk/news/92958

Source: cve@mitre.org

http://securitytracker.com/id?1018433

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21266085

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.heise-security.co.uk/news/92958

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.