CVE-2010-0919

Name: CVE-2010-0919
Creator: NVD / NIST
Published: 2010-03-03T19:30:00.743+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 5.73%

Last modified Jun 16, 2026

CVE-2010-0919 is a vulnerability of currently unknown severity. Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.. EPSS estimates a 5.73% chance of exploitation in the next 30 days.

Description

Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ.

Metrics

EPSS Probability

5.73%

92.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Ibm	Domino Web Access	6.5
Ibm	Domino Web Access	7.0
Ibm	Domino Web Access	7.0.1
Ibm	Domino Web Access	7.0.2
Ibm	Domino Web Access	7.0.3
Ibm	Domino Web Access	8.0
Ibm	Domino Web Access	8.0.2
Ibm	Lotus Inotes	<= 229.271
Ibm	Lotus Inotes	229.011
Ibm	Lotus Inotes	229.021
Ibm	Lotus Inotes	229.031
Ibm	Lotus Inotes	229.041
Ibm	Lotus Inotes	229.051
Ibm	Lotus Inotes	229.061
Ibm	Lotus Inotes	229.101
Ibm	Lotus Inotes	229.111
Ibm	Lotus Inotes	229.131
Ibm	Lotus Inotes	229.141
Ibm	Lotus Inotes	229.151
Ibm	Lotus Inotes	229.161
Ibm	Lotus Inotes	229.171
Ibm	Lotus Inotes	229.181
Ibm	Lotus Inotes	229.191
Ibm	Lotus Inotes	229.201
Ibm	Lotus Inotes	229.211
Ibm	Lotus Inotes	229.221
Ibm	Lotus Inotes	229.231
Ibm	Lotus Inotes	229.241
Ibm	Lotus Inotes	229.251
Ibm	Lotus Inotes	229.261

References

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857
http://secunia.com/advisories/38681Vendor Advisory
http://secunia.com/advisories/38744Vendor Advisory
http://secunia.com/advisories/38755Vendor Advisory
http://securitytracker.com/id?1023662
http://www-01.ibm.com/support/docview.wss?uid=swg21421808Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg27018109Vendor Advisory
http://www.osvdb.org/62612
http://www.securityfocus.com/bid/38457
http://www.securityfocus.com/bid/38459
http://www.vupen.com/english/advisories/2010/0495Vendor Advisory
http://www.vupen.com/english/advisories/2010/0496Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/56555
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=857
http://secunia.com/advisories/38681Vendor Advisory
http://secunia.com/advisories/38744Vendor Advisory
http://secunia.com/advisories/38755Vendor Advisory
http://securitytracker.com/id?1023662
http://www-01.ibm.com/support/docview.wss?uid=swg21421808Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg27018109Vendor Advisory
http://www.osvdb.org/62612
http://www.securityfocus.com/bid/38457
http://www.securityfocus.com/bid/38459
http://www.vupen.com/english/advisories/2010/0495Vendor Advisory
http://www.vupen.com/english/advisories/2010/0496Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/56555

Timeline

Published: Mar 3, 2010
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2010-0919?

How severe is CVE-2010-0919?

Severity scoring for CVE-2010-0919 is pending analysis. The EPSS model estimates a 5.73% probability of exploitation in the next 30 days.

How do I fix CVE-2010-0919?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-0919?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST