{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-07-06T00:00:00", "descriptions": [{"lang": "en", "value": "The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-07-14T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1014440", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014440"}, {"name": "20050706 Cross site scripting in Lotus Notes web mail", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2175", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1014440", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014440"}, {"name": "20050706 Cross site scripting in Lotus Notes web mail", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-2175", "datePublished": "2005-07-09T04:00:00", "dateReserved": "2005-07-09T00:00:00", "dateUpdated": "2005-07-14T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*", "matchCriteriaId": "99CADAC9-376A-430B-B228-84F0FA401154", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies."}], "id": "CVE-2005-2175", "lastModified": "2008-09-05T20:51:04.820", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-07-09T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/bugtraq/2005-07/0075.html"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1014440"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}