CVE-2011-1217

Current Description

Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information.

Referenced by CVEs:CVE-2011-0548

Basic Data

PublishedMay 31, 2011
Last ModifiedSeptember 19, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-119
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score9.3
SeverityHIGH
Exploitability Score8.6
Impact Score10.0
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationIbmLotus Notes3.0*******
    2.3ApplicationIbmLotus Notes3.0.0.1*******
    2.3ApplicationIbmLotus Notes3.0.0.2*******
    2.3ApplicationIbmLotus Notes4.2*******
    2.3ApplicationIbmLotus Notes4.2.1*******
    2.3ApplicationIbmLotus Notes4.2.2*******
    2.3ApplicationIbmLotus Notes4.5*******
    2.3ApplicationIbmLotus Notes4.6*******
    2.3ApplicationIbmLotus Notes4.6.7a*******
    2.3ApplicationIbmLotus Notes4.6.7h*******
    2.3ApplicationIbmLotus Notes5.0*******
    2.3ApplicationIbmLotus Notes5.0.1*******
    2.3ApplicationIbmLotus Notes5.0.1.02*******
    2.3ApplicationIbmLotus Notes5.0.1a*******
    2.3ApplicationIbmLotus Notes5.0.1b*******
    2.3ApplicationIbmLotus Notes5.0.1c*******
    2.3ApplicationIbmLotus Notes5.0.2*******
    2.3ApplicationIbmLotus Notes5.0.2a*******
    2.3ApplicationIbmLotus Notes5.0.2b*******
    2.3ApplicationIbmLotus Notes5.0.2c*******
    2.3ApplicationIbmLotus Notes5.0.3*******
    2.3ApplicationIbmLotus Notes5.0.4*******
    2.3ApplicationIbmLotus Notes5.0.4a*******
    2.3ApplicationIbmLotus Notes5.0.5*******
    2.3ApplicationIbmLotus Notes5.0.5.01*******
    2.3ApplicationIbmLotus Notes5.0.5.02*******
    2.3ApplicationIbmLotus Notes5.0.6*******
    2.3ApplicationIbmLotus Notes5.0.6a*******
    2.3ApplicationIbmLotus Notes5.0.6a.01*******
    2.3ApplicationIbmLotus Notes5.0.7*******
    2.3ApplicationIbmLotus Notes5.0.7a*******
    2.3ApplicationIbmLotus Notes5.0.8*******
    2.3ApplicationIbmLotus Notes5.0.9*******
    2.3ApplicationIbmLotus Notes5.0.9a*******
    2.3ApplicationIbmLotus Notes5.0.10*******
    2.3ApplicationIbmLotus Notes5.0.11*******
    2.3ApplicationIbmLotus Notes5.0.12*******
    2.3ApplicationIbmLotus Notes5.0a*******
    2.3ApplicationIbmLotus Notes5.02*******
    2.3ApplicationIbmLotus Notes6.0*******
    2.3ApplicationIbmLotus Notes6.0.1*******
    2.3ApplicationIbmLotus Notes6.0.1cf1******
    2.3ApplicationIbmLotus Notes6.0.1cf2******
    2.3ApplicationIbmLotus Notes6.0.1cf3******
    2.3ApplicationIbmLotus Notes6.0.2*******
    2.3ApplicationIbmLotus Notes6.0.2cf1******
    2.3ApplicationIbmLotus Notes6.0.2cf2******
    2.3ApplicationIbmLotus Notes6.0.2.2*******
    2.3ApplicationIbmLotus Notes6.0.3*******
    2.3ApplicationIbmLotus Notes6.0.4*******
    2.3ApplicationIbmLotus Notes6.0.5*******
    2.3ApplicationIbmLotus Notes6.5*******
    2.3ApplicationIbmLotus Notes6.5.1*******
    2.3ApplicationIbmLotus Notes6.5.2*******
    2.3ApplicationIbmLotus Notes6.5.3*******
    2.3ApplicationIbmLotus Notes6.5.3.1*******
    2.3ApplicationIbmLotus Notes6.5.4*******
    2.3ApplicationIbmLotus Notes6.5.4.1*******
    2.3ApplicationIbmLotus Notes6.5.4.2*******
    2.3ApplicationIbmLotus Notes6.5.4.3*******
    2.3ApplicationIbmLotus Notes6.5.5*******
    2.3ApplicationIbmLotus Notes6.5.5.1*******
    2.3ApplicationIbmLotus Notes6.5.5.2*******
    2.3ApplicationIbmLotus Notes6.5.5.3*******
    2.3ApplicationIbmLotus Notes6.5.6*******
    2.3ApplicationIbmLotus Notes6.5.6.1*******
    2.3ApplicationIbmLotus Notes6.5.6.2*******
    2.3ApplicationIbmLotus Notes6.5.6.3*******
    2.3ApplicationIbmLotus Notes7.0*******
    2.3ApplicationIbmLotus Notes7.0.0*******
    2.3ApplicationIbmLotus Notes7.0.1*******
    2.3ApplicationIbmLotus Notes7.0.1.1*******
    2.3ApplicationIbmLotus Notes7.0.2*******
    2.3ApplicationIbmLotus Notes7.0.2.1*******
    2.3ApplicationIbmLotus Notes7.0.2.2*******
    2.3ApplicationIbmLotus Notes7.0.2.3*******
    2.3ApplicationIbmLotus Notes7.0.3*******
    2.3ApplicationIbmLotus Notes7.0.3.1*******
    2.3ApplicationIbmLotus Notes7.0.4*******
    2.3ApplicationIbmLotus Notes7.0.4.0*******
    2.3ApplicationIbmLotus Notes7.0.4.1*******
    2.3ApplicationIbmLotus Notes7.0.4.2*******
    2.3ApplicationIbmLotus Notes8.0*******
    2.3ApplicationIbmLotus Notes8.0.0*******
    2.3ApplicationIbmLotus Notes8.0.1*******
    2.3ApplicationIbmLotus Notes8.0.2*******
    2.3ApplicationIbmLotus Notes8.0.2.0*******
    2.3ApplicationIbmLotus Notes8.0.2.1*******
    2.3ApplicationIbmLotus Notes8.0.2.2*******
    2.3ApplicationIbmLotus Notes8.0.2.3*******
    2.3ApplicationIbmLotus Notes8.0.2.4*******
    2.3ApplicationIbmLotus Notes8.0.2.5*******
    2.3ApplicationIbmLotus Notes8.0.2.6*******
    2.3ApplicationIbmLotus Notes8.5*******
    2.3ApplicationIbmLotus Notes8.5.0.0*******
    2.3ApplicationIbmLotus Notes8.5.0.1*******
    2.3ApplicationIbmLotus Notes8.5.1*******
    2.3ApplicationIbmLotus Notes8.5.1.0*******
    2.3ApplicationIbmLotus Notes8.5.1.1*******
    2.3ApplicationIbmLotus Notes8.5.1.2*******
    2.3ApplicationIbmLotus Notes8.5.1.3*******
    2.3ApplicationIbmLotus Notes8.5.1.4*******
    2.3ApplicationIbmLotus Notes8.5.1.5*******
    2.3ApplicationIbmLotus Notes8.5.2.0*******
    2.3ApplicationIbmLotus Notes8.5.2.1*******
    2.3ApplicationIbmLotus Notes********8.5.2.2

Vulnerable Software List

VendorProductVersions
Ibm Lotus Notes *, 3.0, 3.0.0.1, 3.0.0.2, 4.2, 4.2.1, 4.2.2, 4.5, 4.6, 4.6.7a, 4.6.7h, 5.0, 5.0.1, 5.0.1.02, 5.0.10, 5.0.11, 5.0.12, 5.0.1a, 5.0.1b, 5.0.1c, 5.0.2, 5.0.2a, 5.0.2b, 5.0.2c, 5.0.3, 5.0.4, 5.0.4a, 5.0.5, 5.0.5.01, 5.0.5.02, 5.0.6, 5.0.6a, 5.0.6a.01, 5.0.7, 5.0.7a, 5.0.8, 5.0.9, 5.0.9a, 5.02, 5.0a, 6.0, 6.0.1, 6.0.2, 6.0.2.2, 6.0.3, 6.0.4, 6.0.5, 6.5, 6.5.1, 6.5.2, 6.5.3, 6.5.3.1, 6.5.4, 6.5.4.1, 6.5.4.2, 6.5.4.3, 6.5.5, 6.5.5.1, 6.5.5.2, 6.5.5.3, 6.5.6, 6.5.6.1, 6.5.6.2, 6.5.6.3, 7.0, 7.0.0, 7.0.1, 7.0.1.1, 7.0.2, 7.0.2.1, 7.0.2.2, 7.0.2.3, 7.0.3, 7.0.3.1, 7.0.4, 7.0.4.0, 7.0.4.1, 7.0.4.2, 8.0, 8.0.0, 8.0.1, 8.0.2, 8.0.2.0, 8.0.2.1, 8.0.2.2, 8.0.2.3, 8.0.2.4, 8.0.2.5, 8.0.2.6, 8.5, 8.5.0.0, 8.5.0.1, 8.5.1, 8.5.1.0, 8.5.1.1, 8.5.1.2, 8.5.1.3, 8.5.1.4, 8.5.1.5, 8.5.2.0, 8.5.2.1

References

NameSourceURLTags
44624http://secunia.com/advisories/44624SECUNIAVendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg21500034http://www.ibm.com/support/docview.wss?uid=swg21500034CONFIRM
47962http://www.securityfocus.com/bid/47962BID
lotus-notes-kpprzrdr-bo(67624)https://exchange.xforce.ibmcloud.com/vulnerabilities/67624XF
oval:org.mitre.oval:def:14822https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14822OVAL