This module exploits a remote stack-based buffer overflow vulnerability in the nrouter.exe component of IBM Lotus Domino when it parses the ORGANIZER field of an iCalendar invitation. This can be exploited by a remote, unauthenticated attacker to execute arbitrary code by sending a specially crafted e-mail with an embedded iCalendar invitation to the Lotus Domino SMTP server. In order to make the Domino server parse the crafted e-mail message, you must supply any valid e-mail address within the target Lotus Domino domain. However, note that no user interaction is required in order to exploit the vulnerability.
CVE Link
Exploit Platform
Product Name