Intrusion Prevention

IBM.Lotus.Sametime.StMux.EXE.Stack.Overflow

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in IBM Lotus Sametime.
The IBM Lotus Sametime application contains a stack-based buffer-overflow vulnerability that is triggered when processing malformed HTTP requests. Successful exploitation could make it possible for remote attackers to execute arbitrary code or crash a vulnerable system.

Affected Products

IBM Lotus Sametime 7.5.1
IBM Lotus Sametime 8.0
IBM Lotus Sametime 7.5
IBM Lotus Sametime 7.0

Impact

System Compromise
Denial of Service

Recommended Actions

Apply the most recent upgrades or patches from IBM. Please refer to the following page for more details:
http://www.ibm.com/support/docview.wss?rs=463&uid=swg21303920

CVE References

CVE-2008-2499