Vulnerability Description
IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by leveraging the absence of the NX protection mechanism and placing crafted x86 code on the stack, aka SPR KLYH9GGS9W.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Lotus Domino | 8.5.0 |
| Linux | Linux Kernel | All versions |
| Ibm | Lotus Notes | 8.5 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21670264Vendor Advisory
- http://www.kb.cert.org/vuls/id/350089US Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91286
- http://www-01.ibm.com/support/docview.wss?uid=swg21670264Vendor Advisory
- http://www.kb.cert.org/vuls/id/350089US Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/91286
FAQ
What is CVE-2014-0892?
CVE-2014-0892 is a vulnerability with a CVSS score of 5.0 (MEDIUM). IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by le...
How severe is CVE-2014-0892?
CVE-2014-0892 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0892?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Domino, Linux Linux Kernel, Ibm Lotus Notes.