CVE-2005-2454

Name: CVE-2005-2454
Creator: NVD / NIST
Published: 2005-12-31T05:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.42%

Last modified Jun 16, 2026

CVE-2005-2454 is a vulnerability of currently unknown severity. IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the "Notes" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder.. EPSS estimates a 0.42% chance of exploitation in the next 30 days.

Description

IBM Lotus Notes 6.5.4 and 6.5.5, and 7.0.0 and 7.0.1, uses insecure default permissions (Everyone/Full Control) for the "Notes" folder and all children, which allows local users to gain privileges and modify, add, or delete files in that folder.

Metrics

EPSS Probability

0.42%

33.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-264

Affected Software

Vendor	Product	Versions
Ibm	Lotus Notes	6.5.4
Ibm	Lotus Notes	6.5.5
Ibm	Lotus Notes	7.0.0
Ibm	Lotus Notes	7.0.1

References

http://secunia.com/advisories/19537Vendor Advisory
http://secunia.com/advisories/27342Vendor Advisory
http://secunia.com/secunia_research/2005-29/advisory/Vendor Advisory
http://securitytracker.com/id?1017086
http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21246773
http://www.kb.cert.org/vuls/id/383092US Government Resource
http://www.osvdb.org/29761
http://www.securityfocus.com/archive/1/449126/100/0/threaded
http://www.securityfocus.com/bid/20612
http://www.vupen.com/english/advisories/2006/4093Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/29660
http://secunia.com/advisories/19537Vendor Advisory
http://secunia.com/advisories/27342Vendor Advisory
http://secunia.com/secunia_research/2005-29/advisory/Vendor Advisory
http://securitytracker.com/id?1017086
http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21246773
http://www.kb.cert.org/vuls/id/383092US Government Resource
http://www.osvdb.org/29761
http://www.securityfocus.com/archive/1/449126/100/0/threaded
http://www.securityfocus.com/bid/20612
http://www.vupen.com/english/advisories/2006/4093Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/29660

Timeline

Published: Dec 31, 2005
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2005-2454?

How severe is CVE-2005-2454?

Severity scoring for CVE-2005-2454 is pending analysis. The EPSS model estimates a 0.42% probability of exploitation in the next 30 days.

How do I fix CVE-2005-2454?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2005-2454?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST