Stack-based buffer overflow in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, via crafted header in .lzh attachment (SPR PRAD88MJ2W)

Stack-based buffer overflow in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, via crafted header in .lzh attachment (SPR PRAD88MJ2W)

CVE-2011-1213 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W.

Learn more about our Cis Benchmark Audit For Ibm I.