CVE-2011-1218

Name of the Vulnerable Software and Affected Versions IBM Lotus Notes versions prior to 8.5.2 FP3

Description The issue is related to a buffer overflow in the kvarcve.dll component of Autonomy KeyView, used in IBM Lotus Notes. This allows remote attackers to execute arbitrary code via a crafted .zip attachment.

Recommendations For versions prior to 8.5.2 FP3, update to version 8.5.2 FP3 or later to resolve the issue. As a temporary workaround, consider restricting the handling of .zip attachments to minimize the risk of exploitation.