Lucene search
HistoryApr 23, 2014 - 7:55 p.m.
CVE-2014-0892
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
7.4
Confidence
Low
EPSS
0.014
Percentile
86.3%
IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W.
Affected configurations
Node
ibmlotus_dominoMatch8.5.0
ORibmlotus_dominoMatch8.5.0.1
ORibmlotus_dominoMatch8.5.1
ORibmlotus_dominoMatch8.5.1.1
ORibmlotus_dominoMatch8.5.1.2
ORibmlotus_dominoMatch8.5.1.3
ORibmlotus_dominoMatch8.5.1.4
ORibmlotus_dominoMatch8.5.1.5
ORibmlotus_dominoMatch8.5.2.0
ORibmlotus_dominoMatch8.5.2.1
ORibmlotus_dominoMatch8.5.2.2
ORibmlotus_dominoMatch8.5.2.3
ORibmlotus_dominoMatch8.5.2.4
ORibmlotus_dominoMatch8.5.3.0
ORibmlotus_dominoMatch8.5.3.1
ORibmlotus_dominoMatch8.5.3.2
ORibmlotus_dominoMatch8.5.3.3
ORibmlotus_dominoMatch8.5.3.4
ORibmlotus_dominoMatch8.5.3.5
ORibmlotus_dominoMatch8.5.3.6
ORibmlotus_dominoMatch9.0.0.0
ORibmlotus_dominoMatch9.0.1.0
linuxlinux_kernel
Node
ibmlotus_notesMatch8.5
ORibmlotus_notesMatch8.5.0.0
ORibmlotus_notesMatch8.5.0.1
ORibmlotus_notesMatch8.5.1
ORibmlotus_notesMatch8.5.1.0
ORibmlotus_notesMatch8.5.1.1
ORibmlotus_notesMatch8.5.1.2
ORibmlotus_notesMatch8.5.1.3
ORibmlotus_notesMatch8.5.1.4
ORibmlotus_notesMatch8.5.1.5
ORibmlotus_notesMatch8.5.2.0
ORibmlotus_notesMatch8.5.2.1
ORibmlotus_notesMatch8.5.2.2
ORibmlotus_notesMatch8.5.2.3
ORibmlotus_notesMatch8.5.3
ORibmlotus_notesMatch8.5.3.1
ORibmlotus_notesMatch8.5.3.2
ORibmlotus_notesMatch8.5.3.3
ORibmlotus_notesMatch8.5.3.4
ORibmlotus_notesMatch8.5.3.5
ORibmlotus_notesMatch8.5.3.6
ORibmlotus_notesMatch9.0.0.0
ORibmlotus_notesMatch9.0.1.0
linuxlinux_kernel
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | lotus_domino | 8.5.0 | cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.0.1 | cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1 | cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.1 | cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.2 | cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.3 | cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.4 | cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.1.5 | cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.2.0 | cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:* |
| ibm | lotus_domino | 8.5.2.1 | cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:* |
Related
openvas
openvas
IBM INotes and Domino Arbitrary Code Execution Vulnerability (Jun 2016)
2016-06-02 00:00:00
nessus
nessus
cve
cve
CVE-2014-0892
2014-04-23 19:55:05
prion
prion
Code injection
2014-04-23 19:55:00
kaspersky
kaspersky
KLA10201 ACE vulnerability in IBM
2014-04-23 00:00:00
cert
cert
IBM Notes and Domino on x86 Linux specify an executable stack
2014-04-22 00:00:00
cvelist
cvelist
CVE-2014-0892
2014-04-23 19:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
7.4
Confidence
Low
EPSS
0.014
Percentile
86.3%
Related for NVD:CVE-2014-0892