Lucene search
MitreCVE-2011-0914HistoryFeb 08, 2011 - 10:00 p.m.
CVE-2011-0914
2011-02-0822:00:02
CWE-189
mitre
web.nvd.nist.gov
32
cve
ibm lotus domino
integer signedness error
remote code execution
nvd
giop client request
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.167
Percentile
96.1%
Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.
Affected configurations
Node
ibmlotus_dominoRange≤8.5.2.2
ORibmlotus_dominoMatch4.6.1
ORibmlotus_dominoMatch4.6.3
ORibmlotus_dominoMatch4.6.4
ORibmlotus_dominoMatch5.0
ORibmlotus_dominoMatch5.0.1
ORibmlotus_dominoMatch5.0.2
ORibmlotus_dominoMatch5.0.3
ORibmlotus_dominoMatch5.0.4
ORibmlotus_dominoMatch5.0.4a
ORibmlotus_dominoMatch5.0.5
ORibmlotus_dominoMatch5.0.6
ORibmlotus_dominoMatch5.0.6a
ORibmlotus_dominoMatch5.0.7
ORibmlotus_dominoMatch5.0.7a
ORibmlotus_dominoMatch5.0.8
ORibmlotus_dominoMatch5.0.8a
ORibmlotus_dominoMatch5.0.9
ORibmlotus_dominoMatch5.0.9a
ORibmlotus_dominoMatch5.0.10
ORibmlotus_dominoMatch5.0.11
ORibmlotus_dominoMatch6.0
ORibmlotus_dominoMatch6.0.1
ORibmlotus_dominoMatch6.0.1.1
ORibmlotus_dominoMatch6.0.1.2
ORibmlotus_dominoMatch6.0.1.3
ORibmlotus_dominoMatch6.0.2
ORibmlotus_dominoMatch6.0.2.1
ORibmlotus_dominoMatch6.0.2.2
ORibmlotus_dominoMatch6.0.2_cf2
ORibmlotus_dominoMatch6.0.3
ORibmlotus_dominoMatch6.0.4
ORibmlotus_dominoMatch6.0.5
ORibmlotus_dominoMatch6.5
ORibmlotus_dominoMatch6.5.0
ORibmlotus_dominoMatch6.5.1
ORibmlotus_dominoMatch6.5.2
ORibmlotus_dominoMatch6.5.2.1
ORibmlotus_dominoMatch6.5.3
ORibmlotus_dominoMatch6.5.3.1
ORibmlotus_dominoMatch6.5.4
ORibmlotus_dominoMatch6.5.4.1
ORibmlotus_dominoMatch6.5.4.2
ORibmlotus_dominoMatch6.5.4.3
ORibmlotus_dominoMatch6.5.5
ORibmlotus_dominoMatch6.5.6
ORibmlotus_dominoMatch7.0
ORibmlotus_dominoMatch7.0.1
ORibmlotus_dominoMatch7.0.1.1
ORibmlotus_dominoMatch7.0.2
ORibmlotus_dominoMatch7.0.2.1
ORibmlotus_dominoMatch7.0.2.2
ORibmlotus_dominoMatch7.0.2.3
ORibmlotus_dominoMatch7.0.3
ORibmlotus_dominoMatch7.0.3.1
ORibmlotus_dominoMatch7.0.4
ORibmlotus_dominoMatch7.0.4.1
ORibmlotus_dominoMatch7.0.4.2
ORibmlotus_dominoMatch8.0.1
ORibmlotus_dominoMatch8.0.2
ORibmlotus_dominoMatch8.0.2.1
ORibmlotus_dominoMatch8.0.2.2
ORibmlotus_dominoMatch8.0.2.3
ORibmlotus_dominoMatch8.0.2.4
ORibmlotus_dominoMatch8.0.2.5
ORibmlotus_dominoMatch8.0.2.6
ORibmlotus_dominoMatch8.5.1
ORibmlotus_dominoMatch8.5.1.1
ORibmlotus_dominoMatch8.5.1.2
ORibmlotus_dominoMatch8.5.1.3
ORibmlotus_dominoMatch8.5.1.4
ORibmlotus_dominoMatch8.5.1.5
ORibmlotus_dominoMatch8.5.2
ORibmlotus_dominoMatch8.5.2.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | lotus_domino | * | cpe:2.3:a:ibm:lotus_domino:*:*:*:*:*:*:*:* |
| ibm | lotus_domino | 4.6.1 | cpe:2.3:a:ibm:lotus_domino:4.6.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 4.6.3 | cpe:2.3:a:ibm:lotus_domino:4.6.3:*:*:*:*:*:*:* |
| ibm | lotus_domino | 4.6.4 | cpe:2.3:a:ibm:lotus_domino:4.6.4:*:*:*:*:*:*:* |
| ibm | lotus_domino | 5.0 | cpe:2.3:a:ibm:lotus_domino:5.0:*:*:*:*:*:*:* |
| ibm | lotus_domino | 5.0.1 | cpe:2.3:a:ibm:lotus_domino:5.0.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 5.0.2 | cpe:2.3:a:ibm:lotus_domino:5.0.2:*:*:*:*:*:*:* |
| ibm | lotus_domino | 5.0.3 | cpe:2.3:a:ibm:lotus_domino:5.0.3:*:*:*:*:*:*:* |
| ibm | lotus_domino | 5.0.4 | cpe:2.3:a:ibm:lotus_domino:5.0.4:*:*:*:*:*:*:* |
| ibm | lotus_domino | 5.0.4a | cpe:2.3:a:ibm:lotus_domino:5.0.4a:*:*:*:*:*:*:* |
Related
prion
prion
Integer overflow
2011-02-08 22:00:00
zdi
zdi
nvd
nvd
CVE-2011-0914
2011-02-08 22:00:02
cvelist
cvelist
CVE-2011-0914
2011-02-08 21:00:00
openvas
openvas
IBM Lotus Domino Multiple Remote Buffer Overflow Vulnerabilities
2011-05-09 00:00:00
kaspersky
kaspersky
KLA10199 ACE vulnerability in IBM Lotus Domino
2011-02-08 00:00:00
nessus
nessus
IBM Lotus Domino 8.5.x < 8.5.3 Multiple Vulnerabilities
2013-04-26 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.167
Percentile
96.1%
Related for CVE-2011-0914