CVE-2022-44754
HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView.
In short
HCL Domino has a critical buffer overflow flaw in a library that handles file conversion. An attacker can crash the application or run malicious code by sending a specially crafted Lotus Ami Pro file, without needing to log in.
Technical detail
Stack-based buffer overflow in lasr.dll (Micro Focus KeyView component) within HCL Domino allows unauthenticated remote code execution or denial of service via malformed Lotus Ami Pro files. No authentication required; exploitation occurs during file processing.
Summary generated and translated by AI from the official description.
HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44750. This vulnerability applies to software previously licensed by IBM.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
HCL Software · DominoWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →