Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:DA6CACC623FA712AE2036C05A990A0E7
HistoryJun 30, 2011 - 12:00 a.m.

IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow

2011-06-3000:00:00
SAINT Corporation
www.saintcorporation.com
12

0.915 High

EPSS

Percentile

98.9%

JSON

Added: 06/30/2011
CVE: CVE-2011-1213
BID: 48018
OSVDB: 72706

Background

Lotus Notes is the client for Lotus Domino servers.

Problem

IBM Lotus Notes File Viewer is vulnerable to remote code execution as a result of a stack buffer overflow while parsing headers of **LZH** files. A remote, unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted file to the target user and enticing them to view it with the affected software.

Resolution

Apply patches as described in IBM Bulletin 1500034.

References

<http://secunia.com/advisories/44624/&gt;

Limitations

Exploit works on IBM Lotus Notes 8.5 and requires a user to view the **LZH** attachment. A valid e-mail account must exist on the mail server and in Lotus Notes.

Platforms

Windows

Related

cve 1
packetstorm 1
checkpoint_advisories 1
saint 3
prion 1
cvelist 1
nvd 1
kaspersky 1
openvas 2
nessus 2
symantec 1
cve
cve
CVE-2011-1213
2011-05-31 20:55:01
packetstorm
packetstorm
Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview
2011-06-25 00:00:00
checkpoint_advisories
checkpoint_advisories
IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow (CVE-2011-1213)
2011-11-15 00:00:00
saint
saint
IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow
2011-06-30 00:00:00
IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow
2011-06-30 00:00:00
IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow
2011-06-30 00:00:00
prion
prion
Integer overflow
2011-05-31 20:55:00
cvelist
cvelist
CVE-2011-1213
2011-05-31 20:00:00
nvd
nvd
CVE-2011-1213
2011-05-31 20:55:01
kaspersky
kaspersky
KLA10202 ACE vulnerabilities in IBM Lotus Notes
2011-05-31 00:00:00
openvas
openvas
IBM Lotus Notes File Viewers Multiple BOF Vulnerabilities (Windows)
2011-06-07 00:00:00
IBM Lotus Notes File Viewers Multiple BOF Vulnerabilities - Windows
2011-06-07 00:00:00
nessus
nessus
IBM Lotus Notes Attachment Handling Multiple Buffer Overflows
2011-05-31 00:00:00
Symantec Mail Security Autonomy Verity Keyview Filter Vulnerabilities (SYM11-013)
2011-10-28 00:00:00
symantec
symantec
Multi-Vendor Autonomy Verity Keyview Filter Multiple Issues
2011-10-06 08:00:00

0.915 High

EPSS

Percentile

98.9%

JSON
Related for SAINT:DA6CACC623FA712AE2036C05A990A0E7
cve1packetstorm1checkpoint_advisories1saint3prion1cvelist1nvd1kaspersky1openvas2nessus2symantec1