Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:18270
HistoryOct 23, 2007 - 12:00 a.m.

[vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities

2007-10-2300:00:00
vulners.com
17

[vuln.sg] Vulnerability Research Advisory

IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities

by Tan Chew Keong
Release Date: 2007-10-23

Summary

Multiple exploitable buffer overflow vulnerabilities were found within the file attachment viewer in IBM Lotus Notes. The vulnerabilities can be exploited to execute arbitrary code by tricking the user to view a malicious DOC, SAM, WPD, or MIF file attachment using the file attachment viewer in Lotus Notes.

Tested Versions

Lotus Notes 7.0.2 (Trial)

Details

http://vuln.sg/lotusnotes702-en.html
http://vuln.sg/lotusnotes702-jp.html

Vendor's Technote

http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111