CyberSec.Space Logo
Back to CVE Browser

CVE-2011-0914

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1520%
EPSS Percentile28.25th
PublishedFeb 8, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.

Affected Platforms (CPE)

πŸ“¦
Ibm

Lotus Domino

<= 8.5.2.2
πŸ“¦
Ibm

Lotus Domino

= 4.6.1
πŸ“¦
Ibm

Lotus Domino

= 4.6.3
πŸ“¦
Ibm

Lotus Domino

= 4.6.4
πŸ“¦
Ibm

Lotus Domino

= 5.0
πŸ“¦
Ibm

Lotus Domino

= 5.0.1
πŸ“¦
Ibm

Lotus Domino

= 5.0.2
πŸ“¦
Ibm

Lotus Domino

= 5.0.3
πŸ“¦
Ibm

Lotus Domino

= 5.0.4
πŸ“¦
Ibm

Lotus Domino

= 5.0.4a
πŸ“¦
Ibm

Lotus Domino

= 5.0.5
πŸ“¦
Ibm

Lotus Domino

= 5.0.6
πŸ“¦
Ibm

Lotus Domino

= 5.0.6a
πŸ“¦
Ibm

Lotus Domino

= 5.0.7
πŸ“¦
Ibm

Lotus Domino

= 5.0.7a
πŸ“¦
Ibm

Lotus Domino

= 5.0.8
πŸ“¦
Ibm

Lotus Domino

= 5.0.8a
πŸ“¦
Ibm

Lotus Domino

= 5.0.9
πŸ“¦
Ibm

Lotus Domino

= 5.0.9a
πŸ“¦
Ibm

Lotus Domino

= 5.0.10
πŸ“¦
Ibm

Lotus Domino

= 5.0.11
πŸ“¦
Ibm

Lotus Domino

= 6.0
πŸ“¦
Ibm

Lotus Domino

= 6.0.1
πŸ“¦
Ibm

Lotus Domino

= 6.0.1.1
πŸ“¦
Ibm

Lotus Domino

= 6.0.1.2
πŸ“¦
Ibm

Lotus Domino

= 6.0.1.3
πŸ“¦
Ibm

Lotus Domino

= 6.0.2
πŸ“¦
Ibm

Lotus Domino

= 6.0.2.1
πŸ“¦
Ibm

Lotus Domino

= 6.0.2.2
πŸ“¦
Ibm

Lotus Domino

= 6.0.2_cf2
πŸ“¦
Ibm

Lotus Domino

= 6.0.3
πŸ“¦
Ibm

Lotus Domino

= 6.0.4
πŸ“¦
Ibm

Lotus Domino

= 6.0.5
πŸ“¦
Ibm

Lotus Domino

= 6.5
πŸ“¦
Ibm

Lotus Domino

= 6.5.0
πŸ“¦
Ibm

Lotus Domino

= 6.5.1
πŸ“¦
Ibm

Lotus Domino

= 6.5.2
πŸ“¦
Ibm

Lotus Domino

= 6.5.2.1
πŸ“¦
Ibm

Lotus Domino

= 6.5.3
πŸ“¦
Ibm

Lotus Domino

= 6.5.3.1
πŸ“¦
Ibm

Lotus Domino

= 6.5.4
πŸ“¦
Ibm

Lotus Domino

= 6.5.4.1
πŸ“¦
Ibm

Lotus Domino

= 6.5.4.2
πŸ“¦
Ibm

Lotus Domino

= 6.5.4.3
πŸ“¦
Ibm

Lotus Domino

= 6.5.5
πŸ“¦
Ibm

Lotus Domino

= 6.5.6
πŸ“¦
Ibm

Lotus Domino

= 7.0
πŸ“¦
Ibm

Lotus Domino

= 7.0.1
πŸ“¦
Ibm

Lotus Domino

= 7.0.1.1
πŸ“¦
Ibm

Lotus Domino

= 7.0.2
πŸ“¦
Ibm

Lotus Domino

= 7.0.2.1
πŸ“¦
Ibm

Lotus Domino

= 7.0.2.2
πŸ“¦
Ibm

Lotus Domino

= 7.0.2.3
πŸ“¦
Ibm

Lotus Domino

= 7.0.3
πŸ“¦
Ibm

Lotus Domino

= 7.0.3.1
πŸ“¦
Ibm

Lotus Domino

= 7.0.4
πŸ“¦
Ibm

Lotus Domino

= 7.0.4.1
πŸ“¦
Ibm

Lotus Domino

= 7.0.4.2
πŸ“¦
Ibm

Lotus Domino

= 8.0.1
πŸ“¦
Ibm

Lotus Domino

= 8.0.2
πŸ“¦
Ibm

Lotus Domino

= 8.0.2.1
πŸ“¦
Ibm

Lotus Domino

= 8.0.2.2
πŸ“¦
Ibm

Lotus Domino

= 8.0.2.3
πŸ“¦
Ibm

Lotus Domino

= 8.0.2.4
πŸ“¦
Ibm

Lotus Domino

= 8.0.2.5
πŸ“¦
Ibm

Lotus Domino

= 8.0.2.6
πŸ“¦
Ibm

Lotus Domino

= 8.5.1
πŸ“¦
Ibm

Lotus Domino

= 8.5.1.1
πŸ“¦
Ibm

Lotus Domino

= 8.5.1.2
πŸ“¦
Ibm

Lotus Domino

= 8.5.1.3
πŸ“¦
Ibm

Lotus Domino

= 8.5.1.4
πŸ“¦
Ibm

Lotus Domino

= 8.5.1.5
πŸ“¦
Ibm

Lotus Domino

= 8.5.2
πŸ“¦
Ibm

Lotus Domino

= 8.5.2.1

References & Advisories

πŸ”— http://secunia.com/advisories/43208
πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21461514
πŸ”— http://zerodayinitiative.com/advisories/ZDI-11-052/
πŸ”— http://secunia.com/advisories/43208
πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21461514
πŸ”— http://zerodayinitiative.com/advisories/ZDI-11-052/

Related Vulnerabilities

CVE-2000-104710.0

Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibl...

CVE-2001-013010.0

Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers t...

CVE-2000-104610.0

Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of serv...

CVE-2001-084610.0

Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administra...