CVE-2011-1216: Buffer Overflow
First published: Tue May 31 2011(Updated: )
Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Notes | <=8.5.2.2 | |
| IBM Notes | =3.0 | |
| IBM Notes | =3.0.0.1 | |
| IBM Notes | =3.0.0.2 | |
| IBM Notes | =4.2 | |
| IBM Notes | =4.2.1 | |
| IBM Notes | =4.2.2 | |
| IBM Notes | =4.5 | |
| IBM Notes | =4.6 | |
| IBM Notes | =4.6.7a | |
| IBM Notes | =4.6.7h | |
| IBM Notes | =5.0 | |
| IBM Notes | =5.0.1 | |
| IBM Notes | =5.0.1.02 | |
| IBM Notes | =5.0.1a | |
| IBM Notes | =5.0.1b | |
| IBM Notes | =5.0.1c | |
| IBM Notes | =5.0.2 | |
| IBM Notes | =5.0.2a | |
| IBM Notes | =5.0.2b | |
| IBM Notes | =5.0.2c | |
| IBM Notes | =5.0.3 | |
| IBM Notes | =5.0.4 | |
| IBM Notes | =5.0.4a | |
| IBM Notes | =5.0.5 | |
| IBM Notes | =5.0.5.01 | |
| IBM Notes | =5.0.5.02 | |
| IBM Notes | =5.0.6 | |
| IBM Notes | =5.0.6a | |
| IBM Notes | =5.0.6a.01 | |
| IBM Notes | =5.0.7 | |
| IBM Notes | =5.0.7a | |
| IBM Notes | =5.0.8 | |
| IBM Notes | =5.0.9 | |
| IBM Notes | =5.0.9a | |
| IBM Notes | =5.0.10 | |
| IBM Notes | =5.0.11 | |
| IBM Notes | =5.0.12 | |
| IBM Notes | =5.0a | |
| IBM Notes | =5.02 | |
| IBM Notes | =6.0 | |
| IBM Notes | =6.0.1 | |
| IBM Notes | =6.0.1-cf1 | |
| IBM Notes | =6.0.1-cf2 | |
| IBM Notes | =6.0.1-cf3 | |
| IBM Notes | =6.0.2 | |
| IBM Notes | =6.0.2-cf1 | |
| IBM Notes | =6.0.2-cf2 | |
| IBM Notes | =6.0.2.2 | |
| IBM Notes | =6.0.3 | |
| IBM Notes | =6.0.4 | |
| IBM Notes | =6.0.5 | |
| IBM Notes | =6.5 | |
| IBM Notes | =6.5.1 | |
| IBM Notes | =6.5.2 | |
| IBM Notes | =6.5.3 | |
| IBM Notes | =6.5.3.1 | |
| IBM Notes | =6.5.4 | |
| IBM Notes | =6.5.4.1 | |
| IBM Notes | =6.5.4.2 | |
| IBM Notes | =6.5.4.3 | |
| IBM Notes | =6.5.5 | |
| IBM Notes | =6.5.5.1 | |
| IBM Notes | =6.5.5.2 | |
| IBM Notes | =6.5.5.3 | |
| IBM Notes | =6.5.6 | |
| IBM Notes | =6.5.6.1 | |
| IBM Notes | =6.5.6.2 | |
| IBM Notes | =6.5.6.3 | |
| IBM Notes | =7.0 | |
| IBM Notes | =7.0.0 | |
| IBM Notes | =7.0.1 | |
| IBM Notes | =7.0.1.1 | |
| IBM Notes | =7.0.2 | |
| IBM Notes | =7.0.2.1 | |
| IBM Notes | =7.0.2.2 | |
| IBM Notes | =7.0.2.3 | |
| IBM Notes | =7.0.3 | |
| IBM Notes | =7.0.3.1 | |
| IBM Notes | =7.0.4 | |
| IBM Notes | =7.0.4.0 | |
| IBM Notes | =7.0.4.1 | |
| IBM Notes | =7.0.4.2 | |
| IBM Notes | =8.0 | |
| IBM Notes | =8.0.0 | |
| IBM Notes | =8.0.1 | |
| IBM Notes | =8.0.2 | |
| IBM Notes | =8.0.2.0 | |
| IBM Notes | =8.0.2.1 | |
| IBM Notes | =8.0.2.2 | |
| IBM Notes | =8.0.2.3 | |
| IBM Notes | =8.0.2.4 | |
| IBM Notes | =8.0.2.5 | |
| IBM Notes | =8.0.2.6 | |
| IBM Notes | =8.5 | |
| IBM Notes | =8.5.0.0 | |
| IBM Notes | =8.5.0.1 | |
| IBM Notes | =8.5.1 | |
| IBM Notes | =8.5.1.0 | |
| IBM Notes | =8.5.1.1 | |
| IBM Notes | =8.5.1.2 | |
| IBM Notes | =8.5.1.3 | |
| IBM Notes | =8.5.1.4 | |
| IBM Notes | =8.5.1.5 | |
| IBM Notes | =8.5.2.0 | |
| IBM Notes | =8.5.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/44624
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907
- http://www.ibm.com/support/docview.wss?uid=swg21500034
- http://www.securityfocus.com/bid/47962
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67623
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13796
Frequently Asked Questions
What is the severity of CVE-2011-1216?
CVE-2011-1216 has a high severity rating due to the potential for remote code execution.
How do I fix CVE-2011-1216?
To fix CVE-2011-1216, upgrade to IBM Lotus Notes version 8.5.2 FP3 or later.
Which versions of IBM Lotus Notes are affected by CVE-2011-1216?
CVE-2011-1216 affects IBM Lotus Notes versions prior to 8.5.2 FP3.
What type of vulnerability is CVE-2011-1216?
CVE-2011-1216 is a stack-based buffer overflow vulnerability.
Can CVE-2011-1216 be exploited by a remote attacker?
Yes, CVE-2011-1216 can be exploited by a remote attacker via malicious Applix spreadsheet attachments.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/ibm
- canonical/ibm notes
- version/ibm notes/8.5.2.2
- version/ibm notes/3.0
- version/ibm notes/3.0.0.1
- version/ibm notes/3.0.0.2
- version/ibm notes/4.2
- version/ibm notes/4.2.1
- version/ibm notes/4.2.2
- version/ibm notes/4.5
- version/ibm notes/4.6
- version/ibm notes/4.6.7a
- version/ibm notes/4.6.7h
- version/ibm notes/5.0
- version/ibm notes/5.0.1
- version/ibm notes/5.0.1.02
- version/ibm notes/5.0.1a
- version/ibm notes/5.0.1b
- version/ibm notes/5.0.1c
- version/ibm notes/5.0.2
- version/ibm notes/5.0.2a
- version/ibm notes/5.0.2b
- version/ibm notes/5.0.2c
- version/ibm notes/5.0.3
- version/ibm notes/5.0.4
- version/ibm notes/5.0.4a
- version/ibm notes/5.0.5
- version/ibm notes/5.0.5.01
- version/ibm notes/5.0.5.02
- version/ibm notes/5.0.6
- version/ibm notes/5.0.6a
- version/ibm notes/5.0.6a.01
- version/ibm notes/5.0.7
- version/ibm notes/5.0.7a
- version/ibm notes/5.0.8
- version/ibm notes/5.0.9
- version/ibm notes/5.0.9a
- version/ibm notes/5.0.10
- version/ibm notes/5.0.11
- version/ibm notes/5.0.12
- version/ibm notes/5.0a
- version/ibm notes/5.02
- version/ibm notes/6.0
- version/ibm notes/6.0.1
- version/ibm notes/6.0.1-cf1
- version/ibm notes/6.0.1-cf2
- version/ibm notes/6.0.1-cf3
- version/ibm notes/6.0.2
- version/ibm notes/6.0.2-cf1
- version/ibm notes/6.0.2-cf2
- version/ibm notes/6.0.2.2
- version/ibm notes/6.0.3
- version/ibm notes/6.0.4
- version/ibm notes/6.0.5
- version/ibm notes/6.5
- version/ibm notes/6.5.1
- version/ibm notes/6.5.2
- version/ibm notes/6.5.3
- version/ibm notes/6.5.3.1
- version/ibm notes/6.5.4
- version/ibm notes/6.5.4.1
- version/ibm notes/6.5.4.2
- version/ibm notes/6.5.4.3
- version/ibm notes/6.5.5
- version/ibm notes/6.5.5.1
- version/ibm notes/6.5.5.2
- version/ibm notes/6.5.5.3
- version/ibm notes/6.5.6
- version/ibm notes/6.5.6.1
- version/ibm notes/6.5.6.2
- version/ibm notes/6.5.6.3
- version/ibm notes/7.0
- version/ibm notes/7.0.0
- version/ibm notes/7.0.1
- version/ibm notes/7.0.1.1
- version/ibm notes/7.0.2
- version/ibm notes/7.0.2.1
- version/ibm notes/7.0.2.2
- version/ibm notes/7.0.2.3
- version/ibm notes/7.0.3
- version/ibm notes/7.0.3.1
- version/ibm notes/7.0.4
- version/ibm notes/7.0.4.0
- version/ibm notes/7.0.4.1
- version/ibm notes/7.0.4.2
- version/ibm notes/8.0
- version/ibm notes/8.0.0
- version/ibm notes/8.0.1
- version/ibm notes/8.0.2
- version/ibm notes/8.0.2.0
- version/ibm notes/8.0.2.1
- version/ibm notes/8.0.2.2
- version/ibm notes/8.0.2.3
- version/ibm notes/8.0.2.4
- version/ibm notes/8.0.2.5
- version/ibm notes/8.0.2.6
- version/ibm notes/8.5
- version/ibm notes/8.5.0.0
- version/ibm notes/8.5.0.1
- version/ibm notes/8.5.1
- version/ibm notes/8.5.1.0
- version/ibm notes/8.5.1.1
- version/ibm notes/8.5.1.2
- version/ibm notes/8.5.1.3
- version/ibm notes/8.5.1.4
- version/ibm notes/8.5.1.5
- version/ibm notes/8.5.2.0
- version/ibm notes/8.5.2.1