What is CVE-2012-2175?

CVE-2012-2175 is a vulnerability in Ibm Lotus_inotes, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-06-20.

Is CVE-2012-2175 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Ibm Lotus_inotes

CVE-2012-2175

Buffer overflow in the Attachment_Times method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long argument.

Vulnerability class: Buffer Overflow

EPSS: 0.665 (98.6th percentile) — read the EPSS interpretation.

Affected products

Ibm Lotus_inotes — versions 8.5.0.0, 8.5.0.1, 8.5.1.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

rapid7/metasploit-framework

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
lotusinotes-dwa85w-bo(75321) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2012-2175?: CVE-2012-2175 is a vulnerability in Ibm Lotus_inotes, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-06-20.
Is CVE-2012-2175 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.