Lotus Notes/Domino Web Retriever Buffer Overflow Denial Of Service Vulnerability

Lotus Notes/Domino Web Retriever Buffer Overflow Denial Of Service Vulnerability

A buffer overflow vulnerability has been reported for the Web Retriever program that will result in a denial of service condition. Web Retriever is a program that returns web pages for Notes users.

An attacker can exploit this vulnerability by enticing a victim user to visit an attacker-controlled site. When a HTTP request is made, the malicious site responds with a HTTP response that includes an overly long status line. When Web Retriever processes this request, the buffer overflow condition is triggered and will result in a denial of service condition.