Stack-Based Buffer Overflow in Autonomy KeyView for IBM Lotus Notes
CVE-2011-1216

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes
Vendor: CVE Published:; 31 May 2011

What is CVE-2011-1216?

A stack-based buffer overflow vulnerability exists in the assr.dll component of Autonomy KeyView, utilized in IBM Lotus Notes prior to version 8.5.2 FP3. This flaw permits remote attackers to execute arbitrary code through specially crafted tag data embedded within an Applix spreadsheet attachment. If exploited, this vulnerability can compromise the system's security, enabling unauthorized actions to be taken by the attacker.

References

http://www.ibm.com/support/docview.wss?uid=swg21500034

x_refsource_CONFIRM

http://www.securityfocus.com/bid/47962

vdb-entryx_refsource_BID

http://secunia.com/advisories/44624

third-party-advisoryx_refsource_SECUNIA

EPSS Score

18% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 31, 2011
Vulnerability Reserved
Mar 3, 2011