Vulnerability CVE-2011-1512


Published: 2011-05-31   Modified: 2012-02-13

Description:
Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR.

See advisories in our WLB2 database:
Topic
Author
Date
High
Lotus Notes XLS viewer malformed BIFF record heap overflow
CORE
02.06.2011

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Vendor: IBM
Product: Lotus notes 
Version:
8.5.2.2
8.5.2.1
8.5.2.0
8.5.1.5
8.5.1.4
8.5.1.3
8.5.1.2
8.5.1.1
8.5.1.0
8.5.1
8.5.0.1
8.5.0.0
8.5
8.0.2.6
8.0.2.5
8.0.2.4
8.0.2.3
8.0.2.2
8.0.2.1
8.0.2.0
8.0.2
8.0.1
8.0.0
8.0
7.0.4.2
7.0.4.1
7.0.4.0
7.0.4
7.0.3.1
7.0.3
7.0.2.3
7.0.2.2
7.0.2.1
7.0.2
7.0.1.1
7.0.1
7.0.0
7.0
6.5.6.3
6.5.6.2
6.5.6.1
6.5.6
6.5.5.3
6.5.5.2
6.5.5.1
6.5.5
6.5.4.3
6.5.4.2
6.5.4.1
6.5.4
6.5.3.1
6.5.3
6.5.2
6.5.1
6.5
6.0.5
6.0.4
6.0.3
6.0.2.2
6.0.2
6.0.1
6.0
5.0a
5.02
5.0.9a
5.0.9
5.0.8
5.0.7a
5.0.7
5.0.6a.01
5.0.6a
5.0.6
5.0.5.02
5.0.5.01
5.0.5
5.0.4a
5.0.4
5.0.3
5.0.2c
5.0.2b
5.0.2a
5.0.2
5.0.1c
5.0.1b
5.0.1a
5.0.12
5.0.11
5.0.10
5.0.1.02
5.0.1
5.0
4.6.7h
4.6.7a
4.6
4.5
4.2.2
4.2.1
4.2
3.0.0.2
3.0.0.1
See more versions on NVD

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://securityreason.com/securityalert/8263
http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow
http://www.ibm.com/support/docview.wss?uid=swg21500034
http://www.securityfocus.com/archive/1/518120/100/0/threaded
http://www.securityfocus.com/bid/47962
https://exchange.xforce.ibmcloud.com/vulnerabilities/67619
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14203

Related CVE
CVE-2019-4321
IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Operations Center for Emergency Management V5.1.0 - V5.1.0.6, and IBM Water Operations for Waternamics V5.1.0 - V5.2.1.1 does not require that users should have strong passwords by de...
CVE-2019-4186
IBM Jazz for Service Management 1.1.3 is vulnerable to HTTP header injection, caused by incorrect trust in the HTTP Host header during caching. By sending a specially crafted HTTP GET request, a remote attacker could exploit this vulnerability to inj...
CVE-2019-4149
IBM Business Automation Workflow V18.0.0.0 through V18.0.0.2 and IBM Business Process Manager V8.6.0.0 through V8.6.0.0 Cumulative Fix 2018.03, V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06, and V8.5.6.0 through V8.5.6.0 CF2 is vulnerable to cross...
CVE-2019-4536
IBM i 7.4 users who have done a Restore User Profile (RSTUSRPRF) on a system which has been configured with Db2 Mirror for i might have user profiles with elevated privileges caused by incorrect processing during a restore of multiple user profiles. ...
CVE-2019-4133
IBM Cloud Automation Manager 3.1.2 could allow a malicious user on the client side (with access to client computer) to run a custom script. IBM X-Force ID: 158278.
CVE-2019-4132
IBM Cloud Automation Manager 3.1.2 could allow a user to be impropertly redirected and obtain sensitive information rather than receive a 404 error message. IBM X-Force ID: 158274.
CVE-2019-4513
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume mem...
CVE-2019-4448
IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1, 6.1.0.2, 6.1.0.2 IF1, and 6.1.0.1 IF2 db2hpum and db2hpum_debug binaries are setuid root and have built-in options that allow an low privileged user the ability to load arbitrary...

Copyright 2019, cxsecurity.com

 

Back to Top