CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-2893

The DataPilot feature in IBM Lotus Symphony 3 before FP3 allows user-assisted remote attackers to cause a denial of service (application crash) via a large .xls spreadsheet with an invalid Value reference.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 77.2%

CVSS Severity

CVSS v2 Score 4.3

References

http://osvdb.org/74166
http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcements
http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htm
http://www.ibm.com/support/docview.wss?uid=swg21505448
http://www.securityfocus.com/bid/48936
https://exchange.xforce.ibmcloud.com/vulnerabilities/68748
https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_in_fixpack3_long.htm
http://osvdb.org/74166
http://www.ibm.com/software/lotus/symphony/buzz.nsf/web_DisPlayPlugin?open&unid=9717F6F587AAA939852578D300404BCF&category=announcements
http://www.ibm.com/software/lotus/symphony/idcontents/releasenotes/en/readme_fixpack3_standalone_long.htm
http://www.ibm.com/support/docview.wss?uid=swg21505448
http://www.securityfocus.com/bid/48936
https://exchange.xforce.ibmcloud.com/vulnerabilities/68748
https://www-304.ibm.com/jct03001c/software/lotus/symphony/idcontents/releasenotes/en/readme_embedded_in_fixpack3_long.htm

Products affected by CVE-2011-2893

Ibm » Lotus Symphony » Version: 3.0.0

cpe:2.3:a:ibm:lotus_symphony:3.0.0
Ibm » Lotus Symphony » Version: 3.0.0.1

cpe:2.3:a:ibm:lotus_symphony:3.0.0.1
Ibm » Lotus Symphony » Version: 3.0.0.2

cpe:2.3:a:ibm:lotus_symphony:3.0.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2893

Products

Pricing

Contact Us