CVE-2011-1512 Information

Description

Heap-based buffer overflow in xlssr.dll in Autonomy KeyView as used in IBM Lotus Notes before 8.5.2 FP3 allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment aka SPR PRAD8E3HKR.

Reference

http://secunia.com/advisories/44624 http://securityreason.com/securityalert/8263 http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow http://www.ibm.com/support/docview.wss?uid=swg21500034 http://www.securityfocus.com/archive/1/518120/100/0/threaded http://www.securityfocus.com/bid/47962 https://exchange.xforce.ibmcloud.com/vulnerabilities/67619 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14203