Remote Code Execution Vulnerability in IBM Notes and Domino on Linux Platforms
CVE-2014-0892

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Domino
Vendor: CVE Published:; 23 April 2014

Summary

IBM Notes and Domino on 32-bit Linux platforms exposes a significant security flaw due to improper use of gcc options, which can allow attackers to execute arbitrary code remotely. The most critical aspect is the lack of NX (No eXecute) protection, facilitating the placement of malicious x86 code on the stack. This vulnerability affects specific versions of IBM Notes and Domino, making it essential for users to apply security updates promptly to mitigate risks associated with unauthorized code execution.

References

http://www.kb.cert.org/vuls/id/350089

third-party-advisoryx_refsource_CERT-VN

http://www-01.ibm.com/support/docview.wss?uid=swg21670264

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/91286

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Apr 23, 2014
Vulnerability Reserved
Jan 6, 2014