Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-0914

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-0914
Last Modified 23 Feb 2011 01:48:34
Published 08 Feb 2011 05:00:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-0914

Summary

Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.

Vulnerable Systems

Application

  • Ibm Lotus Domino 4.6.1

  • Ibm Lotus Domino 4.6.3

  • Ibm Lotus Domino 4.6.4

  • Ibm Lotus Domino 5.0

  • Ibm Lotus Domino 5.0.1

  • Ibm Lotus Domino 5.0.10

  • Ibm Lotus Domino 5.0.11

  • Ibm Lotus Domino 5.0.2

  • Ibm Lotus Domino 5.0.3

  • Ibm Lotus Domino 5.0.4

  • Ibm Lotus Domino 5.0.4a

  • Ibm Lotus Domino 5.0.5

  • Ibm Lotus Domino 5.0.6

  • Ibm Lotus Domino 5.0.6a

  • Ibm Lotus Domino 5.0.7

  • Ibm Lotus Domino 5.0.7a

  • Ibm Lotus Domino 5.0.8

  • Ibm Lotus Domino 5.0.8a

  • Ibm Lotus Domino 5.0.9

  • Ibm Lotus Domino 5.0.9a

  • Ibm Lotus Domino 6.0

  • Ibm Lotus Domino 6.0.1

  • Ibm Lotus Domino 6.0.1.1

  • Ibm Lotus Domino 6.0.1.2

  • Ibm Lotus Domino 6.0.1.3

  • Ibm Lotus Domino 6.0.2

  • Ibm Lotus Domino 6.0.2 Cf2

  • Ibm Lotus Domino 6.0.2.1

  • Ibm Lotus Domino 6.0.2.2

  • Ibm Lotus Domino 6.0.3

  • Ibm Lotus Domino 6.0.4

  • Ibm Lotus Domino 6.0.5

  • Ibm Lotus Domino 6.5

  • Ibm Lotus Domino 6.5.0

  • Ibm Lotus Domino 6.5.1

  • Ibm Lotus Domino 6.5.2

  • Ibm Lotus Domino 6.5.2.1

  • Ibm Lotus Domino 6.5.3

  • Ibm Lotus Domino 6.5.3.1

  • Ibm Lotus Domino 6.5.4

  • Ibm Lotus Domino 6.5.4.1

  • Ibm Lotus Domino 6.5.4.2

  • Ibm Lotus Domino 6.5.4.3

  • Ibm Lotus Domino 6.5.5

  • Ibm Lotus Domino 6.5.6

  • Ibm Lotus Domino 7.0

  • Ibm Lotus Domino 7.0.1

  • Ibm Lotus Domino 7.0.1.1

  • Ibm Lotus Domino 7.0.2

  • Ibm Lotus Domino 7.0.2.1

  • Ibm Lotus Domino 7.0.2.2

  • Ibm Lotus Domino 7.0.2.3

  • Ibm Lotus Domino 7.0.3

  • Ibm Lotus Domino 7.0.3.1

  • Ibm Lotus Domino 7.0.4

  • Ibm Lotus Domino 7.0.4.1

  • Ibm Lotus Domino 7.0.4.2

  • Ibm Lotus Domino 8.0.1

  • Ibm Lotus Domino 8.0.2

  • Ibm Lotus Domino 8.0.2.1

  • Ibm Lotus Domino 8.0.2.2

  • Ibm Lotus Domino 8.0.2.3

  • Ibm Lotus Domino 8.0.2.4

  • Ibm Lotus Domino 8.0.2.5

  • Ibm Lotus Domino 8.0.2.6

  • Ibm Lotus Domino 8.5.1

  • Ibm Lotus Domino 8.5.1.1

  • Ibm Lotus Domino 8.5.1.2

  • Ibm Lotus Domino 8.5.1.3

  • Ibm Lotus Domino 8.5.1.4

  • Ibm Lotus Domino 8.5.1.5

  • Ibm Lotus Domino 8.5.2

  • Ibm Lotus Domino 8.5.2.1

  • Ibm Lotus Domino 8.5.2.2


References

MISC - http://zerodayinitiative.com/advisories/ZDI-11-052/

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21461514

SECUNIA - 43208


Last Updated: 27 May 2016 10:56:06