Lucene search

MitreCVE-2011-1215

HistoryMay 31, 2011 - 8:55 p.m.

CVE-2011-1215

2011-05-3120:55:02

CWE-119

mitre

web.nvd.nist.gov

cve-2011-1215

autonomy keyview

ibm lotus notes

buffer overflow

remote code execution

microsoft office

document attachment.

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.074

Percentile

94.1%

JSON

Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND.

Affected configurations

Nvd

Node

ibmlotus_notesRange≤8.5.2.2

ibmlotus_notesMatch7.0

ibmlotus_notesMatch7.0.0

ibmlotus_notesMatch7.0.1

ibmlotus_notesMatch7.0.1.1

ibmlotus_notesMatch7.0.2

ibmlotus_notesMatch7.0.2.1

ibmlotus_notesMatch7.0.2.2

ibmlotus_notesMatch7.0.2.3

ibmlotus_notesMatch7.0.3

ibmlotus_notesMatch7.0.3.1

ibmlotus_notesMatch7.0.4

ibmlotus_notesMatch7.0.4.1

ibmlotus_notesMatch7.0.4.2

ibmlotus_notesMatch8.0

ibmlotus_notesMatch8.0.0

ibmlotus_notesMatch8.0.1

ibmlotus_notesMatch8.0.2

ibmlotus_notesMatch8.0.2.0

ibmlotus_notesMatch8.0.2.1

ibmlotus_notesMatch8.0.2.2

ibmlotus_notesMatch8.0.2.3

ibmlotus_notesMatch8.0.2.4

ibmlotus_notesMatch8.0.2.5

ibmlotus_notesMatch8.0.2.6

ibmlotus_notesMatch8.5

ibmlotus_notesMatch8.5.0.0

ibmlotus_notesMatch8.5.0.1

ibmlotus_notesMatch8.5.1

ibmlotus_notesMatch8.5.1.0

ibmlotus_notesMatch8.5.1.1

ibmlotus_notesMatch8.5.1.2

ibmlotus_notesMatch8.5.1.3

ibmlotus_notesMatch8.5.1.4

ibmlotus_notesMatch8.5.1.5

ibmlotus_notesMatch8.5.2.0

ibmlotus_notesMatch8.5.2.1

VendorProductVersionCPE
ibmlotus_notes*cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*
ibmlotus_notes7.0cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*
ibmlotus_notes7.0.0cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*
ibmlotus_notes7.0.1cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*
ibmlotus_notes7.0.1.1cpe:2.3:a:ibm:lotus_notes:7.0.1.1:*:*:*:*:*:*:*
ibmlotus_notes7.0.2cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*
ibmlotus_notes7.0.2.1cpe:2.3:a:ibm:lotus_notes:7.0.2.1:*:*:*:*:*:*:*
ibmlotus_notes7.0.2.2cpe:2.3:a:ibm:lotus_notes:7.0.2.2:*:*:*:*:*:*:*
ibmlotus_notes7.0.2.3cpe:2.3:a:ibm:lotus_notes:7.0.2.3:*:*:*:*:*:*:*
ibmlotus_notes7.0.3cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_notes	*	cpe:2.3:a:ibm:lotus_notes::::::::
ibm	lotus_notes	7.0	cpe:2.3:a:ibm:lotus_notes:7.0:::::::*
ibm	lotus_notes	7.0.0	cpe:2.3:a:ibm:lotus_notes:7.0.0:::::::*
ibm	lotus_notes	7.0.1	cpe:2.3:a:ibm:lotus_notes:7.0.1:::::::*
ibm	lotus_notes	7.0.1.1	cpe:2.3:a:ibm:lotus_notes:7.0.1.1:::::::*
ibm	lotus_notes	7.0.2	cpe:2.3:a:ibm:lotus_notes:7.0.2:::::::*
ibm	lotus_notes	7.0.2.1	cpe:2.3:a:ibm:lotus_notes:7.0.2.1:::::::*
ibm	lotus_notes	7.0.2.2	cpe:2.3:a:ibm:lotus_notes:7.0.2.2:::::::*
ibm	lotus_notes	7.0.2.3	cpe:2.3:a:ibm:lotus_notes:7.0.2.3:::::::*
ibm	lotus_notes	7.0.3	cpe:2.3:a:ibm:lotus_notes:7.0.3:::::::*

Rows per page:

1-10 of 371

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=906

secunia.com/advisories/44624

www.ibm.com/support/docview.wss?uid=swg21500034

www.securityfocus.com/bid/47962

exchange.xforce.ibmcloud.com/vulnerabilities/67622

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.074

Percentile

94.1%

JSON

Related for CVE-2011-1215