What is CVE-2011-1213?

CVE-2011-1213 is a vulnerability in Ibm Lotus_notes, classified under CWE-189. Published 2011-05-31.

Is CVE-2011-1213 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ibm Lotus_notes

CVE-2011-1213

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka S…

EPSS: 0.746 (98.9th percentile) — read the EPSS interpretation.

Affected products

Ibm Lotus_notes — versions 3.0, 3.0.0.1, 3.0.0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-189

Public proof-of-concept exploits

References

cve@mitre.org (x_refsource_CONFIRM)
47962 (vdb-entry, x_refsource_BID)
20110524 IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow (x_refsource_IDEFENSE, third-party-advisory)
44624 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
lotus-notes-lzhsr-bo(67620) (vdb-entry, x_refsource_XF)
oval:org.mitre.oval:def:14634 (x_refsource_OVAL, signature, vdb-entry)
8285 (x_refsource_SREASON, third-party-advisory)

Frequently asked questions

What is CVE-2011-1213?: CVE-2011-1213 is a vulnerability in Ibm Lotus_notes, classified under CWE-189. Published 2011-05-31.
Is CVE-2011-1213 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.