CVE-2014-0892
IBM Notes and Domino 8.5.x-8.5.3 FP6 IF3 and 9.x-9.0.1 FP1 - Remote Code Execution via Missing NX Protection
Title source: llmDescription
IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W.
References (3)
Core 3
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/350089
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21670264
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/91286
Scores
EPSS
0.0411
EPSS Percentile
89.6%
Details
CWE
CWE-200
Status
published
Products (45)
ibm/lotus_domino
8.5.0
ibm/lotus_domino
8.5.0.1
ibm/lotus_domino
8.5.1
ibm/lotus_domino
8.5.1.1
ibm/lotus_domino
8.5.1.2
ibm/lotus_domino
8.5.1.3
ibm/lotus_domino
8.5.1.4
ibm/lotus_domino
8.5.1.5
ibm/lotus_domino
8.5.2.0
ibm/lotus_domino
8.5.2.1
... and 35 more
Published
Apr 23, 2014
Tracked Since
Feb 18, 2026