IBM.Lotus.Notes.123File.Viewer.Remote.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in IBM Lotus Notes.
The vulnerability is caused by a boundary error in the Lotus 1-2-3 file viewer. It can be exploited via a crafted Worksheet File (WKS), leading to remote code execution.

Affected Products

IBM Lotus Notes 8.0
IBM Lotus Notes 7.0.3
IBM Lotus Notes 7.0.2 FP1
IBM Lotus Notes 7.0.2
IBM Lotus Notes 7.0.1
IBM Lotus Notes 7.0
IBM Lotus Notes 6.5.6 FP2
IBM Lotus Notes 6.5.6
IBM Lotus Notes 6.5.5 FP3
IBM Lotus Notes 6.5.5 FP2
IBM Lotus Notes 6.5.5
IBM Lotus Notes 6.5.4
IBM Lotus Notes 6.5.3
IBM Lotus Notes 6.5.2
IBM Lotus Notes 6.5.1
IBM Lotus Notes 6.5
IBM Lotus Notes 6.0.5
IBM Lotus Notes 6.0.4
IBM Lotus Notes 6.0.3
IBM Lotus Notes 6.0.2
IBM Lotus Notes 6.0.1
IBM Lotus Notes 6.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Lotes Notes 7.x/8.x:
Contact IBM Support for patches.

References