BugTraq
[vuln.sg] IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities Oct 23 2007 02:38PM
vulnpost-remove vuln sg
[vuln.sg] Vulnerability Research Advisory

IBM Lotus Notes Attachment Viewer Buffer Overflow Vulnerabilities

by Tan Chew Keong

Release Date: 2007-10-23

Summary

-------

Multiple exploitable buffer overflow vulnerabilities were found within the file attachment viewer in IBM Lotus Notes. The vulnerabilities can be exploited to execute arbitrary code by tricking the user to view a malicious DOC, SAM, WPD, or MIF file attachment using the file attachment viewer in Lotus Notes.

Tested Versions

---------------

Lotus Notes 7.0.2 (Trial)

Details

-------

http://vuln.sg/lotusnotes702-en.html

http://vuln.sg/lotusnotes702-jp.html

Vendor's Technote

-----------------

http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus