Intrusion Prevention

IBM.Lotus.Domino.Upload.ActiveX.Control.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in IBM Lotus Domino Web Access.
This vulnerability is caused by improper handling of long strings passed to the "General_ServerName" property in dwa7W.dll. A remote attacker can exploit this to execute arbitrary code.

Affected Products

IBM Lotus Domino Web Access dwa7W.dll 7.0.34.1

Impact

System Compromise: remote attackers can gain control of vulnerable systems.

Recommended Actions

We are not aware of any patch that is available at this time.
Set the kill bit for the affected ActiveX control.

CVE References

CVE-2007-4474