Denial of Service Vulnerability in IBM Lotus Symphony
CVE-2011-2893

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Symphony
Vendor: CVE Published:; 27 July 2011

Summary

The DataPilot feature in IBM Lotus Symphony 3 before FP3 is susceptible to a Denial of Service attack, which can be initiated by remote attackers with the help of users. Specifically, if users open a malicious .xls spreadsheet that contains an invalid Value reference, it may lead to an application crash, disrupting normal functionality.

References

http://www.securityfocus.com/bid/48936

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg21505448

x_refsource_CONFIRM

http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_D...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 27, 2011
Vulnerability Reserved
Jul 27, 2011