CVE-2011-1213

IBM Lotus Notes < 8.5.2.2 - Numeric Error

Title source: rule

Description

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/17448

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by binaryhouse.net · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/lotus/lotusnotes_lzh.rb

View Code ZIP pw:eip

metasploit WORKING POC GOOD

by binaryhouse.net · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/lotusnotes_lzh.rb

View Code ZIP pw:eip

References (7)

[Vendor Advisory] http://secunia.com/advisories/44624

[Various Sources] http://www.ibm.com/support/docview.wss?uid=swg21500034

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/47962

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/67620

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14634

[Third Party Advisory] http://securityreason.com/securityalert/8285

[Third Party Advisory] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904

Scores

EPSS 0.7461

EPSS Percentile 98.9%

Details

CWE

CWE-189

Status published

Products (45)

ibm/lotus_notes 3.0

ibm/lotus_notes 3.0.0.1

ibm/lotus_notes 3.0.0.2

ibm/lotus_notes 4.2

ibm/lotus_notes 4.2.1

ibm/lotus_notes 4.2.2

ibm/lotus_notes 4.5

ibm/lotus_notes 4.6

ibm/lotus_notes 4.6.7a

ibm/lotus_notes 4.6.7h

... and 35 more

Published May 31, 2011

Tracked Since Feb 18, 2026