Information disclosure in Ibm Lotus_domino

CVE-2014-0892

IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protecti…

Vulnerability class: Information Disclosure

EPSS: 0.013 (80.2th percentile) — read the EPSS interpretation.

Affected products

Ibm Lotus_domino — versions 8.5.0, 8.5.0.1, 8.5.1
Ibm Lotus_notes — versions 8.5, 8.5.0.0, 8.5.0.1
Linux Linux_kernel
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

VU#350089 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
ibm-notes-cve20140892-linux32-rce(91286) (vdb-entry, x_refsource_XF)