CyberSec.Space Logo
CVEブラウザに戻る

CVE-2011-0914

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1520%
EPSS Percentile28.25th
Published2011年2月8日
Last Modified2026年4月29日

Vulnerability Description

Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.

Affected Platforms (CPE)

📦
Ibm

Lotus Domino

<= 8.5.2.2
📦
Ibm

Lotus Domino

= 4.6.1
📦
Ibm

Lotus Domino

= 4.6.3
📦
Ibm

Lotus Domino

= 4.6.4
📦
Ibm

Lotus Domino

= 5.0
📦
Ibm

Lotus Domino

= 5.0.1
📦
Ibm

Lotus Domino

= 5.0.2
📦
Ibm

Lotus Domino

= 5.0.3
📦
Ibm

Lotus Domino

= 5.0.4
📦
Ibm

Lotus Domino

= 5.0.4a
📦
Ibm

Lotus Domino

= 5.0.5
📦
Ibm

Lotus Domino

= 5.0.6
📦
Ibm

Lotus Domino

= 5.0.6a
📦
Ibm

Lotus Domino

= 5.0.7
📦
Ibm

Lotus Domino

= 5.0.7a
📦
Ibm

Lotus Domino

= 5.0.8
📦
Ibm

Lotus Domino

= 5.0.8a
📦
Ibm

Lotus Domino

= 5.0.9
📦
Ibm

Lotus Domino

= 5.0.9a
📦
Ibm

Lotus Domino

= 5.0.10
📦
Ibm

Lotus Domino

= 5.0.11
📦
Ibm

Lotus Domino

= 6.0
📦
Ibm

Lotus Domino

= 6.0.1
📦
Ibm

Lotus Domino

= 6.0.1.1
📦
Ibm

Lotus Domino

= 6.0.1.2
📦
Ibm

Lotus Domino

= 6.0.1.3
📦
Ibm

Lotus Domino

= 6.0.2
📦
Ibm

Lotus Domino

= 6.0.2.1
📦
Ibm

Lotus Domino

= 6.0.2.2
📦
Ibm

Lotus Domino

= 6.0.2_cf2
📦
Ibm

Lotus Domino

= 6.0.3
📦
Ibm

Lotus Domino

= 6.0.4
📦
Ibm

Lotus Domino

= 6.0.5
📦
Ibm

Lotus Domino

= 6.5
📦
Ibm

Lotus Domino

= 6.5.0
📦
Ibm

Lotus Domino

= 6.5.1
📦
Ibm

Lotus Domino

= 6.5.2
📦
Ibm

Lotus Domino

= 6.5.2.1
📦
Ibm

Lotus Domino

= 6.5.3
📦
Ibm

Lotus Domino

= 6.5.3.1
📦
Ibm

Lotus Domino

= 6.5.4
📦
Ibm

Lotus Domino

= 6.5.4.1
📦
Ibm

Lotus Domino

= 6.5.4.2
📦
Ibm

Lotus Domino

= 6.5.4.3
📦
Ibm

Lotus Domino

= 6.5.5
📦
Ibm

Lotus Domino

= 6.5.6
📦
Ibm

Lotus Domino

= 7.0
📦
Ibm

Lotus Domino

= 7.0.1
📦
Ibm

Lotus Domino

= 7.0.1.1
📦
Ibm

Lotus Domino

= 7.0.2
📦
Ibm

Lotus Domino

= 7.0.2.1
📦
Ibm

Lotus Domino

= 7.0.2.2
📦
Ibm

Lotus Domino

= 7.0.2.3
📦
Ibm

Lotus Domino

= 7.0.3
📦
Ibm

Lotus Domino

= 7.0.3.1
📦
Ibm

Lotus Domino

= 7.0.4
📦
Ibm

Lotus Domino

= 7.0.4.1
📦
Ibm

Lotus Domino

= 7.0.4.2
📦
Ibm

Lotus Domino

= 8.0.1
📦
Ibm

Lotus Domino

= 8.0.2
📦
Ibm

Lotus Domino

= 8.0.2.1
📦
Ibm

Lotus Domino

= 8.0.2.2
📦
Ibm

Lotus Domino

= 8.0.2.3
📦
Ibm

Lotus Domino

= 8.0.2.4
📦
Ibm

Lotus Domino

= 8.0.2.5
📦
Ibm

Lotus Domino

= 8.0.2.6
📦
Ibm

Lotus Domino

= 8.5.1
📦
Ibm

Lotus Domino

= 8.5.1.1
📦
Ibm

Lotus Domino

= 8.5.1.2
📦
Ibm

Lotus Domino

= 8.5.1.3
📦
Ibm

Lotus Domino

= 8.5.1.4
📦
Ibm

Lotus Domino

= 8.5.1.5
📦
Ibm

Lotus Domino

= 8.5.2
📦
Ibm

Lotus Domino

= 8.5.2.1

References & Advisories

🔗 http://secunia.com/advisories/43208
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21461514
🔗 http://zerodayinitiative.com/advisories/ZDI-11-052/
🔗 http://secunia.com/advisories/43208
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21461514
🔗 http://zerodayinitiative.com/advisories/ZDI-11-052/

関連する脆弱性情報

CVE-2000-104710.0

Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibl...

CVE-2001-013010.0

Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers t...

CVE-2000-104610.0

Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of serv...

CVE-2001-084610.0

Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administra...