CVE-2014-0892: Infoleak
First published: Wed Apr 23 2014(Updated: )
IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Domino | =8.5.0 | |
| IBM Domino | =8.5.0.1 | |
| IBM Domino | =8.5.1 | |
| IBM Domino | =8.5.1.1 | |
| IBM Domino | =8.5.1.2 | |
| IBM Domino | =8.5.1.3 | |
| IBM Domino | =8.5.1.4 | |
| IBM Domino | =8.5.1.5 | |
| IBM Domino | =8.5.2.0 | |
| IBM Domino | =8.5.2.1 | |
| IBM Domino | =8.5.2.2 | |
| IBM Domino | =8.5.2.3 | |
| IBM Domino | =8.5.2.4 | |
| IBM Domino | =8.5.3.0 | |
| IBM Domino | =8.5.3.1 | |
| IBM Domino | =8.5.3.2 | |
| IBM Domino | =8.5.3.3 | |
| IBM Domino | =8.5.3.4 | |
| IBM Domino | =8.5.3.5 | |
| IBM Domino | =8.5.3.6 | |
| IBM Domino | =9.0.0.0 | |
| IBM Domino | =9.0.1.0 | |
| Linux Kernel | ||
| IBM Lotus Notes | =8.5 | |
| IBM Lotus Notes | =8.5.0.0 | |
| IBM Lotus Notes | =8.5.0.1 | |
| IBM Lotus Notes | =8.5.1 | |
| IBM Lotus Notes | =8.5.1.0 | |
| IBM Lotus Notes | =8.5.1.1 | |
| IBM Lotus Notes | =8.5.1.2 | |
| IBM Lotus Notes | =8.5.1.3 | |
| IBM Lotus Notes | =8.5.1.4 | |
| IBM Lotus Notes | =8.5.1.5 | |
| IBM Lotus Notes | =8.5.2.0 | |
| IBM Lotus Notes | =8.5.2.1 | |
| IBM Lotus Notes | =8.5.2.2 | |
| IBM Lotus Notes | =8.5.2.3 | |
| IBM Lotus Notes | =8.5.3 | |
| IBM Lotus Notes | =8.5.3.1 | |
| IBM Lotus Notes | =8.5.3.2 | |
| IBM Lotus Notes | =8.5.3.3 | |
| IBM Lotus Notes | =8.5.3.4 | |
| IBM Lotus Notes | =8.5.3.5 | |
| IBM Lotus Notes | =8.5.3.6 | |
| IBM Lotus Notes | =9.0.0.0 | |
| IBM Lotus Notes | =9.0.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-0892?
CVE-2014-0892 is considered a critical vulnerability due to the potential for remote code execution.
How do I fix CVE-2014-0892?
To address CVE-2014-0892, upgrade to IBM Notes and Domino version 8.5.3 FP6 IF3 or 9.0.1 FP1 or later.
Which versions are affected by CVE-2014-0892?
CVE-2014-0892 affects IBM Notes and Domino versions 8.5.x below 8.5.3 FP6 IF3 and 9.x below 9.0.1 FP1 on 32-bit Linux.
What type of vulnerability is CVE-2014-0892?
CVE-2014-0892 is a buffer overflow vulnerability that can allow remote attackers to execute arbitrary code.
Is there a workaround for CVE-2014-0892?
There is no specific workaround for CVE-2014-0892; upgrading to a patched version is the recommended action.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/severity
- agent/author
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm domino
- version/ibm domino/8.5.0
- version/ibm domino/8.5.0.1
- version/ibm domino/8.5.1
- version/ibm domino/8.5.1.1
- version/ibm domino/8.5.1.2
- version/ibm domino/8.5.1.3
- version/ibm domino/8.5.1.4
- version/ibm domino/8.5.1.5
- version/ibm domino/8.5.2.0
- version/ibm domino/8.5.2.1
- version/ibm domino/8.5.2.2
- version/ibm domino/8.5.2.3
- version/ibm domino/8.5.2.4
- version/ibm domino/8.5.3.0
- version/ibm domino/8.5.3.1
- version/ibm domino/8.5.3.2
- version/ibm domino/8.5.3.3
- version/ibm domino/8.5.3.4
- version/ibm domino/8.5.3.5
- version/ibm domino/8.5.3.6
- version/ibm domino/9.0.0.0
- version/ibm domino/9.0.1.0
- vendor/linux
- canonical/linux kernel
- canonical/ibm lotus notes
- version/ibm lotus notes/8.5
- version/ibm lotus notes/8.5.0.0
- version/ibm lotus notes/8.5.0.1
- version/ibm lotus notes/8.5.1
- version/ibm lotus notes/8.5.1.0
- version/ibm lotus notes/8.5.1.1
- version/ibm lotus notes/8.5.1.2
- version/ibm lotus notes/8.5.1.3
- version/ibm lotus notes/8.5.1.4
- version/ibm lotus notes/8.5.1.5
- version/ibm lotus notes/8.5.2.0
- version/ibm lotus notes/8.5.2.1
- version/ibm lotus notes/8.5.2.2
- version/ibm lotus notes/8.5.2.3
- version/ibm lotus notes/8.5.3
- version/ibm lotus notes/8.5.3.1
- version/ibm lotus notes/8.5.3.2
- version/ibm lotus notes/8.5.3.3
- version/ibm lotus notes/8.5.3.4
- version/ibm lotus notes/8.5.3.5
- version/ibm lotus notes/8.5.3.6
- version/ibm lotus notes/9.0.0.0
- version/ibm lotus notes/9.0.1.0