{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-29T00:00:00", "descriptions": [{"lang": "en", "value": "The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "23201", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/23201"}, {"name": "sametime-stjniloader-code-execution(33314)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33314"}, {"name": "20070329 IBM Lotus Sametime JNILoader Arbitrary DLL Load Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=495"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257029"}, {"name": "1017828", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017828"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1784", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "23201", "refsource": "BID", "url": "http://www.securityfocus.com/bid/23201"}, {"name": "sametime-stjniloader-code-execution(33314)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33314"}, {"name": "20070329 IBM Lotus Sametime JNILoader Arbitrary DLL Load Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=495"}, {"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257029", "refsource": "CONFIRM", "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257029"}, {"name": "1017828", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017828"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1784", "datePublished": "2007-03-31T01:00:00", "dateReserved": "2007-03-30T00:00:00", "dateUpdated": "2017-07-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_sametime:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EC83731-C73B-4891-8EBF-743938F841B2", "versionEndIncluding": "7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_sametime:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "8C5FF0F3-D0E6-4933-8826-50C5584D0615", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function."}, {"lang": "es", "value": "El control ActiveX JNILoader (STJNILoader.ocx) 3.1.0.26 en IBM Lotus Notes Sametime anterior a 7.5 permite a atacantes remotos cargar librerias DLL de su elecci\u00f3n y ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de argumentos de su elecci\u00f3n en la funci\u00f3n loadLibrary."}], "evaluatorSolution": "This vulnerability is addressed in the following product advisory: \r\nhttp://www-1.ibm.com/support/docview.wss?uid=swg21257029", "id": "CVE-2007-1784", "lastModified": "2017-07-29T01:30:59.237", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2007-03-31T01:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=495"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257029"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/23201"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1017828"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33314"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}