IBM Lotus Domino iCalendar Attachment Name Buffer Overflow Exploit

A stack-based buffer overflow exists in the nRouter.exe component of IBM Lotus Domino when parsing the filename of an attachment within an iCalendar invitation. This can be exploited by a remote, unauthenticated attacker to execute arbitrary code by sending a specially crafted e-mail to the Lotus Domino SMTP server. This module bypasses Data Execution Prevention (DEP) in order to install an agent on the target machine.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2011-0915
Product Version: 
11.0
Released Date: 
Thursday, May 19, 2011 - 00:00