Arbitrary Code Execution via Heap-Based Buffer Overflow in IBM Lotus Domino DIIOP Implementation

Arbitrary Code Execution via Heap-Based Buffer Overflow in IBM Lotus Domino DIIOP Implementation

CVE-2011-0914 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.

Learn more about our Cis Benchmark Audit For Ibm I.