CVE-2011-1215

Name of the Vulnerable Software and Affected Versions IBM Lotus Notes versions prior to 8.5.2 FP3

Description The issue is a stack-based buffer overflow in the mw8sr.dll component of Autonomy KeyView, used in IBM Lotus Notes. This allows remote attackers to execute arbitrary code via a crafted link in a Microsoft Office document attachment.

Recommendations For versions prior to 8.5.2 FP3, update to version 8.5.2 FP3 or later to resolve the issue. As a temporary workaround, consider restricting the handling of Microsoft Office document attachments to minimize the risk of exploitation.