CVE-2011-1216
IBM Lotus Notes < 8.5.2.2 - Remote Code Execution via Crafted Applix Spreadsheet Tag
Title source: llmDescription
Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7.
References (6)
Core 6
Core References
Various Sources x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21500034
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/47962
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/44624
Third Party Advisory third-party-advisory
x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/67623
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796
Scores
EPSS
0.0554
EPSS Percentile
91.9%
Details
CWE
CWE-119
Status
published
Products (45)
ibm/lotus_notes
3.0
ibm/lotus_notes
3.0.0.1
ibm/lotus_notes
3.0.0.2
ibm/lotus_notes
4.2
ibm/lotus_notes
4.2.1
ibm/lotus_notes
4.2.2
ibm/lotus_notes
4.5
ibm/lotus_notes
4.6
ibm/lotus_notes
4.6.7a
ibm/lotus_notes
4.6.7h
... and 35 more
Published
May 31, 2011
Tracked Since
Feb 18, 2026