IBM Lotus Domino iCalendar Attachment Name Buffer Overflow Exploit

A stack-based buffer overflow exists in the nRouter.exe component of IBM Lotus Domino when parsing the filename of an attachment within an iCalendar invitation. This can be exploited by a remote, unauthenticated attacker to execute arbitrary code by sending a specially crafted e-mail to the Lotus Domino SMTP server. This module bypasses Data Execution Prevention (DEP) in order to install an agent on the target machine.
Exploit type: 
Vulnerabilty ID: 
Released Date: 
Wednesday, May 18, 2011 - 19:00