Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3575

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2011-3575
Last Modified 22 Sep 2011 11:34:43
Published 19 Sep 2011 08:02:57
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2011-3575

Summary

Stack-based buffer overflow in the NSFComputeEvaluateExt function in Nnotes.dll in IBM Lotus Domino 8.5.2 allows remote authenticated users to execute arbitrary code via a long tHPRAgentName parameter in an fmHttpPostRequest OpenForm action to WebAdmin.nsf.

Vulnerable Systems

Application

  • Ibm Lotus Domino 8.5.2


References

XF - ibm-lotus-domino-hpragentname-bo(69802)

BID - 49705

MISC - http://www.research.reversingcode.com/index.php/advisories/73-ibm-ssd-1012211

MISC - http://www.research.reversingcode.com/exploits/IBMLotusDomino_StackOverflowPoC


Last Updated: 27 May 2016 10:57:43