2011-02-08 23:00:02 2011-02-23 07:48:34

Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE
GNU Automake 1.0 GNU Automake 1.10 GNU Anubis 3.9.93 Gnu Aspell Dictionary 0.50-2 English GNU a2ps 4.12 GNU a2ps 4.10.3 GNU a2ps 4.13b GNU Automake 1.8.3 GNU Automake 1.8.4 GNU Automake 1.11.1 GNU Automake 1.7.7 GNU Automake 1.10.3 GNU Automake 1.7.8 GNU Automake 1.11.5 GNU Automake 1.7.9 GNU Automake 1.11.3 GNU Automake 1.8 GNU Automake 1.8.1 GNU Anubis 3.6.0 GNU Automake 1.2 GNU Automake 1.12.2 GNU Automake 1.4-p2 GNU Automake 1.3 GNU Automake 1.4 Ibm Lotus domino 7.0.4 (not an official CPE) GNU Aspell 0.50.5 Ibm Lotus domino 7.0.3 (not an official CPE) GNU Automake 1.4-p1 Gns3 0.7.1 GNU Anubis GNU a2ps 4.13 GNU Automake 1.10.1 Gnu Aspell 0.50-3 GNU Automake 1.7 GNU Automake 1.7.1 GNU Automake 1.7.2 GNU Automake 1.7.3 Gnome Tomboy 1.0.1 Ibm Lotus domino 8.0.2.5 (not an official CPE) Ibm Lotus domino 8.0.2.6 (not an official CPE) Gnome Tomboy 1.2.2 GNU Anubis 3.9.92 GNU Automake 1.7.6 Ibm Lotus domino 8.5.2 (not an official CPE) GNOME Update Manager 0.156.14.4 GNOME Update Manager 0.156.14.3 GNU a2ps 4.10.4 GNU Automake 1.10.2 Gns3 1.2.3 Gns3 0.7.4 GNU a2ps 4.14 Gnome Tomboy 1.5.1 GNOME Update Manager 0.152.25.10 Gnome Tomboy 1.4.2 GNOME Update Manager 0.150.5.2 Gnome Tomboy 1.5.2 GNU Automake 1.6.2 GNU a2ps GNU Automake 1.11.2 GNU Automake 1.6.3 GNU Aspell GNU Automake 1.12 GNU Automake 1.11.6 Ibm Lotus domino 7.0.2.3 (not an official CPE) GNU Automake 1.4-p3 Ibm Lotus domino 7.0.2.1 (not an official CPE) GNU Automake 1.12.1 GNU Automake 1.6 GNU Automake 1.4-p5 GNOME Screensaver 3.5.3 GNU Automake 1.5 GNU Anubis 3.6.2 GNU Anubis 3.6.1 GNU Automake 1.11.4