Stack-based Buffer Overflow in IBM Lotus Notes
CVE-2011-1215

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes
Vendor: CVE Published:; 31 May 2011

Summary

A stack-based buffer overflow vulnerability exists in the mw8sr.dll component of IBM Lotus Notes prior to version 8.5.2 FP3. This flaw allows remote attackers to execute arbitrary code by sending specially crafted Microsoft Office document attachments. The flaw can be exploited without user interaction, posing a significant risk to systems that utilize affected versions of Lotus Notes. It is crucial for users to apply security updates and patches to mitigate the threat of exploitation.

References

http://www.ibm.com/support/docview.wss?uid=swg21500034

x_refsource_CONFIRM

http://www.securityfocus.com/bid/47962

vdb-entryx_refsource_BID

http://secunia.com/advisories/44624

third-party-advisoryx_refsource_SECUNIA

EPSS Score

21% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 31, 2011
Vulnerability Reserved
Mar 3, 2011