CVE-2011-0919 Information

Description

Multiple stack-based buffer overflows in the (1) POP3 and (2) IMAP services in IBM Lotus Domino allow remote attackers to execute arbitrary code via non-printable characters in an envelope sender address aka SPR KLYH87LLVJ.

Reference

http://secunia.com/advisories/43224 http://www.securityfocus.com/archive/1/516232/100/0/threaded http://www-01.ibm.com/support/docview.wss?uid=swg21461514 http://zerodayinitiative.com/advisories/ZDI-11-045/