CVE

Id
49125  
CVE No.
CVE-2011-1213  
Status
Candidate  
Description
Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W.  
Phase
Assigned (20110303)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
534116 49125 CVE-2011-1213 IDEFENSE:20110524 IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow  View
534117 49125 CVE-2011-1213 URL:http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904  View
534118 49125 CVE-2011-1213 CONFIRM:http://www.ibm.com/support/docview.wss?uid=swg21500034  View
534119 49125 CVE-2011-1213 BID:47962  View
534120 49125 CVE-2011-1213 URL:http://www.securityfocus.com/bid/47962  View
534121 49125 CVE-2011-1213 OVAL:oval:org.mitre.oval:def:14634  View
534122 49125 CVE-2011-1213 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:14634  View
534123 49125 CVE-2011-1213 SECUNIA:44624  View
534124 49125 CVE-2011-1213 URL:http://secunia.com/advisories/44624  View
534125 49125 CVE-2011-1213 SREASON:8285  View
534126 49125 CVE-2011-1213 URL:http://securityreason.com/securityalert/8285  View
534127 49125 CVE-2011-1213 XF:lotus-notes-lzhsr-bo(67620)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
31645 JVNDB-2011-001885 IBM Lotus Notes にて使用される kvarcve.dll におけるバッファオーバーフローの脆弱性 IBM Lotus Notes にて使用される Autonomy KeyView の kvarcve.dll には、バッファオーバーフローの脆弱性 (SPR# PRAD8E3NSP) が存在します。 CVE-2011-1218 49125 9.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001885.html  View