Autonomy · Autonomy Keyview · CVE-2011-1512
**Name of the Vulnerable Software and Affected Versions**
IBM Lotus Notes versions prior to 8.5.2 FP3
**Description**
The issue is related to a heap-based buffer overflow in the xlssr.dll component of Autonomy KeyView, used in IBM Lotus Notes. This can be exploited by remote attackers through a malformed BIFF record in a .xls Excel spreadsheet attachment, potentially allowing the execution of arbitrary code.
**Recommendations**
For versions prior to 8.5.2 FP3, update to version 8.5.2 FP3 or later to resolve the issue. As a temporary workaround, consider restricting the handling of .xls attachments in IBM Lotus Notes until the update is applied.