Exploitation Summary
EIP tracks 3 public exploits for CVE-2010-3407.
PoCs published by Metasploit, A. Plaskett, A. Plaskett, sinn3r, including Metasploit module exploits/windows/lotus/domino_icalendar_organizer.
AI-analyzed exploit summary This is a Metasploit module exploiting a buffer overflow in IBM Lotus Domino iCalendar via a malformed 'ORGANIZER;mailto' header. It achieves remote code execution by overwriting EIP and leveraging ROP gadgets to bypass DEP on Windows systems.
Description
Stack-based buffer overflow in the MailCheck821Address function in nnotes.dll in the nrouter.exe service in the server in IBM Lotus Domino 8.0.x before 8.0.2 FP5 and 8.5.x before 8.5.1 FP2 allows remote attackers to execute arbitrary code via a long e-mail address in an ORGANIZER:mailto header in an iCalendar calendar-invitation e-mail message, aka SPR NRBY7ZPJ9V.
Exploits (3)
This is a Metasploit module exploiting a buffer overflow in IBM Lotus Domino iCalendar via a malformed 'ORGANIZER;mailto' header. It achieves remote code execution by overwriting EIP and leveraging ROP gadgets to bypass DEP on Windows systems.
The exploit demonstrates a stack-based buffer overflow in IBM Lotus Domino's iCalendar email address handling via a crafted email with an overly long ORGANIZER mailto address. The PoC triggers the vulnerability by overwriting the saved return address, leading to arbitrary code execution in the context of the nrouter.exe process.
This Metasploit module exploits a buffer overflow in IBM Lotus Domino iCalendar via a long 'ORGANIZER;mailto' header, leading to remote code execution. It includes multiple targets for different Windows versions and uses ROP techniques to bypass DEP.