CVE-2022-44750
HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView.
In short
HCL Domino has a critical buffer overflow flaw in its KeyView file processor that can be triggered by a specially crafted Lotus Ami Pro file. An attacker can send this malicious file remotely to crash the application or run malicious code without needing to log in.
Technical detail
Stack-based buffer overflow in lasr.dll (KeyView component) allows unauthenticated remote code execution or denial of service via malformed Lotus Ami Pro documents. Attack vector is network-based with no authentication required; vulnerability occurs during file parsing in the document processing pipeline.
Summary generated and translated by AI from the official description.
HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44754. This vulnerability applies to software previously licensed by IBM.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
HCL Software · DominoWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →