CVE-2011-1213

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W.

Affected Software

Name	Vendor	Start Version	End Version
Lotus_notes	Ibm	3.0	3.0
Lotus_notes	Ibm	3.0.0.1	3.0.0.1
Lotus_notes	Ibm	3.0.0.2	3.0.0.2
Lotus_notes	Ibm	4.2	4.2
Lotus_notes	Ibm	4.2.1	4.2.1
Lotus_notes	Ibm	4.2.2	4.2.2
Lotus_notes	Ibm	4.5	4.5
Lotus_notes	Ibm	4.6	4.6
Lotus_notes	Ibm	4.6.7a	4.6.7a
Lotus_notes	Ibm	4.6.7h	4.6.7h
Lotus_notes	Ibm	5.0	5.0
Lotus_notes	Ibm	5.0.1	5.0.1
Lotus_notes	Ibm	5.0.1.02	5.0.1.02
Lotus_notes	Ibm	5.0.1a	5.0.1a
Lotus_notes	Ibm	5.0.1b	5.0.1b
Lotus_notes	Ibm	5.0.1c	5.0.1c
Lotus_notes	Ibm	5.0.2	5.0.2
Lotus_notes	Ibm	5.0.2a	5.0.2a
Lotus_notes	Ibm	5.0.2b	5.0.2b
Lotus_notes	Ibm	5.0.2c	5.0.2c
Lotus_notes	Ibm	5.0.3	5.0.3
Lotus_notes	Ibm	5.0.4	5.0.4
Lotus_notes	Ibm	5.0.4a	5.0.4a
Lotus_notes	Ibm	5.0.5	5.0.5
Lotus_notes	Ibm	5.0.5.01	5.0.5.01
Lotus_notes	Ibm	5.0.5.02	5.0.5.02
Lotus_notes	Ibm	5.0.6	5.0.6
Lotus_notes	Ibm	5.0.6a	5.0.6a
Lotus_notes	Ibm	5.0.6a.01	5.0.6a.01
Lotus_notes	Ibm	5.0.7	5.0.7
Lotus_notes	Ibm	5.0.7a	5.0.7a
Lotus_notes	Ibm	5.0.8	5.0.8
Lotus_notes	Ibm	5.0.9	5.0.9
Lotus_notes	Ibm	5.0.9a	5.0.9a
Lotus_notes	Ibm	5.0.10	5.0.10
Lotus_notes	Ibm	5.0.11	5.0.11
Lotus_notes	Ibm	5.0.12	5.0.12
Lotus_notes	Ibm	5.0a	5.0a
Lotus_notes	Ibm	5.02	5.02
Lotus_notes	Ibm	6.0	6.0
Lotus_notes	Ibm	6.0.1	6.0.1
Lotus_notes	Ibm	6.0.1	6.0.1
Lotus_notes	Ibm	6.0.1	6.0.1
Lotus_notes	Ibm	6.0.1	6.0.1
Lotus_notes	Ibm	6.0.2	6.0.2
Lotus_notes	Ibm	6.0.2	6.0.2
Lotus_notes	Ibm	6.0.2	6.0.2
Lotus_notes	Ibm	6.0.2.2	6.0.2.2
Lotus_notes	Ibm	6.0.3	6.0.3
Lotus_notes	Ibm	6.0.4	6.0.4
Lotus_notes	Ibm	6.0.5	6.0.5
Lotus_notes	Ibm	6.5	6.5
Lotus_notes	Ibm	6.5.1	6.5.1
Lotus_notes	Ibm	6.5.2	6.5.2
Lotus_notes	Ibm	6.5.3	6.5.3
Lotus_notes	Ibm	6.5.3.1	6.5.3.1
Lotus_notes	Ibm	6.5.4	6.5.4
Lotus_notes	Ibm	6.5.4.1	6.5.4.1
Lotus_notes	Ibm	6.5.4.2	6.5.4.2
Lotus_notes	Ibm	6.5.4.3	6.5.4.3
Lotus_notes	Ibm	6.5.5	6.5.5
Lotus_notes	Ibm	6.5.5.1	6.5.5.1
Lotus_notes	Ibm	6.5.5.2	6.5.5.2
Lotus_notes	Ibm	6.5.5.3	6.5.5.3
Lotus_notes	Ibm	6.5.6	6.5.6
Lotus_notes	Ibm	6.5.6.1	6.5.6.1
Lotus_notes	Ibm	6.5.6.2	6.5.6.2
Lotus_notes	Ibm	6.5.6.3	6.5.6.3
Lotus_notes	Ibm	7.0	7.0
Lotus_notes	Ibm	7.0.0	7.0.0
Lotus_notes	Ibm	7.0.1	7.0.1
Lotus_notes	Ibm	7.0.1.1	7.0.1.1
Lotus_notes	Ibm	7.0.2	7.0.2
Lotus_notes	Ibm	7.0.2.1	7.0.2.1
Lotus_notes	Ibm	7.0.2.2	7.0.2.2
Lotus_notes	Ibm	7.0.2.3	7.0.2.3
Lotus_notes	Ibm	7.0.3	7.0.3
Lotus_notes	Ibm	7.0.3.1	7.0.3.1
Lotus_notes	Ibm	7.0.4	7.0.4
Lotus_notes	Ibm	7.0.4.0	7.0.4.0
Lotus_notes	Ibm	7.0.4.1	7.0.4.1
Lotus_notes	Ibm	7.0.4.2	7.0.4.2
Lotus_notes	Ibm	8.0	8.0
Lotus_notes	Ibm	8.0.0	8.0.0
Lotus_notes	Ibm	8.0.1	8.0.1
Lotus_notes	Ibm	8.0.2	8.0.2
Lotus_notes	Ibm	8.0.2.0	8.0.2.0
Lotus_notes	Ibm	8.0.2.1	8.0.2.1
Lotus_notes	Ibm	8.0.2.2	8.0.2.2
Lotus_notes	Ibm	8.0.2.3	8.0.2.3
Lotus_notes	Ibm	8.0.2.4	8.0.2.4
Lotus_notes	Ibm	8.0.2.5	8.0.2.5
Lotus_notes	Ibm	8.0.2.6	8.0.2.6
Lotus_notes	Ibm	8.5	8.5
Lotus_notes	Ibm	8.5.0.0	8.5.0.0
Lotus_notes	Ibm	8.5.0.1	8.5.0.1
Lotus_notes	Ibm	8.5.1	8.5.1
Lotus_notes	Ibm	8.5.1.0	8.5.1.0
Lotus_notes	Ibm	8.5.1.1	8.5.1.1
Lotus_notes	Ibm	8.5.1.2	8.5.1.2
Lotus_notes	Ibm	8.5.1.3	8.5.1.3
Lotus_notes	Ibm	8.5.1.4	8.5.1.4
Lotus_notes	Ibm	8.5.1.5	8.5.1.5
Lotus_notes	Ibm	8.5.2.0	8.5.2.0
Lotus_notes	Ibm	8.5.2.1	8.5.2.1
Lotus_notes	Ibm	*	8.5.2.2

NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1213
CWE	https://cwe.mitre.org/data/definitions/189.html

Affected Software

References