CVE-2011-3575

IBM Lotus Domino 8.5.2 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-3575. PoCs published by rmallof.

AI-analyzed exploit summary This exploit targets a stack-based buffer overflow in IBM Lotus Domino 8.5.2 via a malformed POST request to the webadmin.nsf endpoint. It uses a crafted buffer with SEH overwrite and a simple shellcode to trigger arbitrary code execution.

Description

Stack-based buffer overflow in the NSFComputeEvaluateExt function in Nnotes.dll in IBM Lotus Domino 8.5.2 allows remote authenticated users to execute arbitrary code via a long tHPRAgentName parameter in an fmHttpPostRequest OpenForm action to WebAdmin.nsf.

Exploits (1)

exploitdb WORKING POC VERIFIED
by rmallof · pythonremotewindows
https://www.exploit-db.com/exploits/36145

This exploit targets a stack-based buffer overflow in IBM Lotus Domino 8.5.2 via a malformed POST request to the webadmin.nsf endpoint. It uses a crafted buffer with SEH overwrite and a simple shellcode to trigger arbitrary code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Racy
Target: IBM Lotus Domino 8.5.2
Auth required
Prerequisites: Network access to the target server · Valid credentials for authentication
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/49705
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/69802

Scores

EPSS 0.1107
EPSS Percentile 95.4%

Details

CWE
CWE-119
Status published
Products (1)
ibm/lotus_domino 8.5.2
Published Sep 19, 2011
Tracked Since Feb 18, 2026