CVE-2010-1487

Published: Apr 20, 2010Modified: Apr 29, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, which allows local users to obtain sensitive information by examining this file, aka SPR JSTN837SEG.

Affected (3)

Products: Ibm: Lotus Notes

Ibm

1 product

Lotus Notes

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Ibm Lotus Notes	Version 7.0
Ibm Lotus Notes	Version 8.0
Ibm Lotus Notes	Version 8.5

Related CWEs

CWE-255

References (8)

http://secunia.com/advisories/39507

Source: cve@mitre.org

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21427073

Source: cve@mitre.org

http://www.securityfocus.com/bid/39525

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14725

Source: cve@mitre.org

http://secunia.com/advisories/39507

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21427073

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/39525

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14725

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.