CVE-2011-1214

Name of the Vulnerable Software and Affected Versions IBM Lotus Notes versions prior to 8.5.2 FP3

Description The issue is related to a stack-based buffer overflow in the rtfsr.dll component of Autonomy KeyView, used in IBM Lotus Notes. This allows remote attackers to execute arbitrary code via a crafted link in a .rtf attachment.

Recommendations For versions prior to 8.5.2 FP3, update to version 8.5.2 FP3 or later to resolve the issue. As a temporary workaround, consider avoiding the use of .rtf attachments or restricting access to the rtfsr.dll component until the update is applied.