Lucene search
HistoryMay 31, 2011 - 8:55 p.m.
CVE-2011-1216
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.8
Confidence
Low
EPSS
0.301
Percentile
97.0%
Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7.
Affected configurations
Node
ibmlotus_notesRange≤8.5.2.2
ORibmlotus_notesMatch3.0
ORibmlotus_notesMatch3.0.0.1
ORibmlotus_notesMatch3.0.0.2
ORibmlotus_notesMatch4.2
ORibmlotus_notesMatch4.2.1
ORibmlotus_notesMatch4.2.2
ORibmlotus_notesMatch4.5
ORibmlotus_notesMatch4.6
ORibmlotus_notesMatch4.6.7a
ORibmlotus_notesMatch4.6.7h
ORibmlotus_notesMatch5.0
ORibmlotus_notesMatch5.0.1
ORibmlotus_notesMatch5.0.1.02
ORibmlotus_notesMatch5.0.1a
ORibmlotus_notesMatch5.0.1b
ORibmlotus_notesMatch5.0.1c
ORibmlotus_notesMatch5.0.2
ORibmlotus_notesMatch5.0.2a
ORibmlotus_notesMatch5.0.2b
ORibmlotus_notesMatch5.0.2c
ORibmlotus_notesMatch5.0.3
ORibmlotus_notesMatch5.0.4
ORibmlotus_notesMatch5.0.4a
ORibmlotus_notesMatch5.0.5
ORibmlotus_notesMatch5.0.5.01
ORibmlotus_notesMatch5.0.5.02
ORibmlotus_notesMatch5.0.6
ORibmlotus_notesMatch5.0.6a
ORibmlotus_notesMatch5.0.6a.01
ORibmlotus_notesMatch5.0.7
ORibmlotus_notesMatch5.0.7a
ORibmlotus_notesMatch5.0.8
ORibmlotus_notesMatch5.0.9
ORibmlotus_notesMatch5.0.9a
ORibmlotus_notesMatch5.0.10
ORibmlotus_notesMatch5.0.11
ORibmlotus_notesMatch5.0.12
ORibmlotus_notesMatch5.0a
ORibmlotus_notesMatch5.02
ORibmlotus_notesMatch6.0
ORibmlotus_notesMatch6.0.1
ORibmlotus_notesMatch6.0.1cf1
ORibmlotus_notesMatch6.0.1cf2
ORibmlotus_notesMatch6.0.1cf3
ORibmlotus_notesMatch6.0.2
ORibmlotus_notesMatch6.0.2cf1
ORibmlotus_notesMatch6.0.2cf2
ORibmlotus_notesMatch6.0.2.2
ORibmlotus_notesMatch6.0.3
ORibmlotus_notesMatch6.0.4
ORibmlotus_notesMatch6.0.5
ORibmlotus_notesMatch6.5
ORibmlotus_notesMatch6.5.1
ORibmlotus_notesMatch6.5.2
ORibmlotus_notesMatch6.5.3
ORibmlotus_notesMatch6.5.3.1
ORibmlotus_notesMatch6.5.4
ORibmlotus_notesMatch6.5.4.1
ORibmlotus_notesMatch6.5.4.2
ORibmlotus_notesMatch6.5.4.3
ORibmlotus_notesMatch6.5.5
ORibmlotus_notesMatch6.5.5.1
ORibmlotus_notesMatch6.5.5.2
ORibmlotus_notesMatch6.5.5.3
ORibmlotus_notesMatch6.5.6
ORibmlotus_notesMatch6.5.6.1
ORibmlotus_notesMatch6.5.6.2
ORibmlotus_notesMatch6.5.6.3
ORibmlotus_notesMatch7.0
ORibmlotus_notesMatch7.0.0
ORibmlotus_notesMatch7.0.1
ORibmlotus_notesMatch7.0.1.1
ORibmlotus_notesMatch7.0.2
ORibmlotus_notesMatch7.0.2.1
ORibmlotus_notesMatch7.0.2.2
ORibmlotus_notesMatch7.0.2.3
ORibmlotus_notesMatch7.0.3
ORibmlotus_notesMatch7.0.3.1
ORibmlotus_notesMatch7.0.4
ORibmlotus_notesMatch7.0.4.0
ORibmlotus_notesMatch7.0.4.1
ORibmlotus_notesMatch7.0.4.2
ORibmlotus_notesMatch8.0
ORibmlotus_notesMatch8.0.0
ORibmlotus_notesMatch8.0.1
ORibmlotus_notesMatch8.0.2
ORibmlotus_notesMatch8.0.2.0
ORibmlotus_notesMatch8.0.2.1
ORibmlotus_notesMatch8.0.2.2
ORibmlotus_notesMatch8.0.2.3
ORibmlotus_notesMatch8.0.2.4
ORibmlotus_notesMatch8.0.2.5
ORibmlotus_notesMatch8.0.2.6
ORibmlotus_notesMatch8.5
ORibmlotus_notesMatch8.5.0.0
ORibmlotus_notesMatch8.5.0.1
ORibmlotus_notesMatch8.5.1
ORibmlotus_notesMatch8.5.1.0
ORibmlotus_notesMatch8.5.1.1
ORibmlotus_notesMatch8.5.1.2
ORibmlotus_notesMatch8.5.1.3
ORibmlotus_notesMatch8.5.1.4
ORibmlotus_notesMatch8.5.1.5
ORibmlotus_notesMatch8.5.2.0
ORibmlotus_notesMatch8.5.2.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | lotus_notes | * | cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:* |
| ibm | lotus_notes | 3.0 | cpe:2.3:a:ibm:lotus_notes:3.0:*:*:*:*:*:*:* |
| ibm | lotus_notes | 3.0.0.1 | cpe:2.3:a:ibm:lotus_notes:3.0.0.1:*:*:*:*:*:*:* |
| ibm | lotus_notes | 3.0.0.2 | cpe:2.3:a:ibm:lotus_notes:3.0.0.2:*:*:*:*:*:*:* |
| ibm | lotus_notes | 4.2 | cpe:2.3:a:ibm:lotus_notes:4.2:*:*:*:*:*:*:* |
| ibm | lotus_notes | 4.2.1 | cpe:2.3:a:ibm:lotus_notes:4.2.1:*:*:*:*:*:*:* |
| ibm | lotus_notes | 4.2.2 | cpe:2.3:a:ibm:lotus_notes:4.2.2:*:*:*:*:*:*:* |
| ibm | lotus_notes | 4.5 | cpe:2.3:a:ibm:lotus_notes:4.5:*:*:*:*:*:*:* |
| ibm | lotus_notes | 4.6 | cpe:2.3:a:ibm:lotus_notes:4.6:*:*:*:*:*:*:* |
| ibm | lotus_notes | 4.6.7a | cpe:2.3:a:ibm:lotus_notes:4.6.7a:*:*:*:*:*:*:* |
References
labs.idefense.com/intelligence/vulnerabilities/display.php?id=907
secunia.com/advisories/44624
www.ibm.com/support/docview.wss?uid=swg21500034
www.securityfocus.com/bid/47962
exchange.xforce.ibmcloud.com/vulnerabilities/67623
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796
Related
cve
cve
CVE-2011-1216
2011-05-31 20:55:02
cvelist
cvelist
CVE-2011-1216
2011-05-31 20:00:00
prion
prion
Stack overflow
2011-05-31 20:55:00
kaspersky
kaspersky
KLA10202 ACE vulnerabilities in IBM Lotus Notes
2011-05-31 00:00:00
openvas
openvas
IBM Lotus Notes File Viewers Multiple BOF Vulnerabilities (Windows)
2011-06-07 00:00:00
IBM Lotus Notes File Viewers Multiple BOF Vulnerabilities - Windows
2011-06-07 00:00:00
nessus
nessus
IBM Lotus Notes Attachment Handling Multiple Buffer Overflows
2011-05-31 00:00:00
symantec
symantec
Multi-Vendor Autonomy Verity Keyview Filter Multiple Issues
2011-10-06 08:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.8
Confidence
Low
EPSS
0.301
Percentile
97.0%
Related for NVD:CVE-2011-1216