CVE-2011-1215 (GCVE-0-2011-1215)
Vulnerability from cvelistv5
Published
2011-05-31 20:00
Modified
2024-08-06 22:21
Severity ?
CWE
  • n/a
Summary
Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:21:34.045Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
          },
          {
            "name": "47962",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/47962"
          },
          {
            "name": "44624",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44624"
          },
          {
            "name": "lotus-notes-mw8sr-bo(67622)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67622"
          },
          {
            "name": "oval:org.mitre.oval:def:14650",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650"
          },
          {
            "name": "20110524 IBM Lotus Notes Office Document Attachment Viewer Stack Buffer Overflow",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-05-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
        },
        {
          "name": "47962",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/47962"
        },
        {
          "name": "44624",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44624"
        },
        {
          "name": "lotus-notes-mw8sr-bo(67622)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67622"
        },
        {
          "name": "oval:org.mitre.oval:def:14650",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650"
        },
        {
          "name": "20110524 IBM Lotus Notes Office Document Attachment Viewer Stack Buffer Overflow",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1215",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21500034",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21500034"
            },
            {
              "name": "47962",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/47962"
            },
            {
              "name": "44624",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/44624"
            },
            {
              "name": "lotus-notes-mw8sr-bo(67622)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67622"
            },
            {
              "name": "oval:org.mitre.oval:def:14650",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650"
            },
            {
              "name": "20110524 IBM Lotus Notes Office Document Attachment Viewer Stack Buffer Overflow",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1215",
    "datePublished": "2011-05-31T20:00:00",
    "dateReserved": "2011-03-03T00:00:00",
    "dateUpdated": "2024-08-06T22:21:34.045Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-1215\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-05-31T20:55:02.030\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in mw8sr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment, aka SPR PRAD8823ND.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer basado en pila en mw8sr.dll en Autonomy KeyView, tal como se utiliza en IBM Lotus Notes antes de v8.5.2 FP3, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un enlace manipulado en un archivo adjunto de documento de Microsoft Office, tambi\u00e9n conocido como SPR PRAD8823ND.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.5.2.2\",\"matchCriteriaId\":\"F06E9E8E-9A82-4665-A848-5E0BAD141A1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68AEB13D-C7C6-426F-8484-85EFF7245DF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"957BA698-9D48-4906-9FF3-584927C978B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94646433-DE15-4214-9C78-7D1DAB5A12D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1AD22A1-A85C-4755-97CB-6B946E1DBE0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3449A490-865A-4262-8482-429DEF455644\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98AF1B57-680B-45E5-9991-83DDE4634EE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC128482-5AA3-43D9-AE5F-154E8485F699\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2837D777-5C59-4335-A4BC-611397D1D1AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F01C5CFC-7FB8-4D29-95AC-8EF59B0C170D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37F5FB91-53EE-47BA-84B7-49CE9D83C8A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC9D74FC-8F26-4D1A-B02B-C4037FF8388A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1AD640D-BFDC-4E27-BF8B-4FE35DE87890\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:7.0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DB38591-F55A-48B2-AD52-FF266D19BB97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"692E295E-E650-42D5-AF7A-D6276C3D76E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1E25625-8570-4744-A2A2-4A4FB4D8AC6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50660BA1-A24A-4DBF-AB59-1CF04FA54120\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69A79FA5-83FB-4067-B2A6-17EAF3947998\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17815F4E-BB34-40D2-A3EE-3C7741940D1B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DE79982-9E92-498A-B961-55CB1D2D104F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6814E3F-479C-4F56-BF66-C685E60CCA34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB9EF5DE-4432-4099-AD59-CDD52E387BB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1013797-0442-46A7-A94F-354388BA6B69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CC228A3-1878-4A9F-8664-F4DFF77BF74B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0119A252-73B1-490F-9371-06E8FDB8B979\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57D24791-E798-4B08-A051-E880DEFB8268\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2758590C-67FD-4DD6-84C1-0D32264BBE5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7FC083C-B25E-427F-B722-B5ABD4F072F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDA723DB-62C5-4C84-B0BA-5313FDA49D73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92F08B96-D43E-407E-839C-4C3C5BB58B2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E50C779-C780-45FB-BC77-B9717389D2EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"867779A4-A7A5-48AD-9AC0-C6476719A5EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D475EF5-DBB3-4B98-BB07-83A2632B5E0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F797A209-65C0-4A20-9DA2-C5576C091DE2\"}]}]}],\"references\":[{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/44624\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ibm.com/support/docview.wss?uid=swg21500034\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/47962\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/67622\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/44624\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ibm.com/support/docview.wss?uid=swg21500034\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/47962\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/67622\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14650\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.