Lotus Notes < 6.5.5 / 7.0.1 Attachment Handling Vulnerabilities

high Nessus Plugin ID 20924

Synopsis

The remote Windows application is prone to multiple flaws.

Description

The version of Lotus Notes installed on the remote host reportedly contains five buffer overflow vulnerabilities and one directory traversal vulnerability in the KeyView viewers used to handle message attachments. By sending specially crafted attachments to users of the affected application and getting them to double-click and view the attachment, an attacker may be able to execute arbitrary code subject to the privileges under which the affected application runs or to delete arbitrary files that are accessible to the NOTES user.

Solution

Either edit the 'keyview.ini' configuration file as described in the vendor advisory above or upgrade to Lotus Notes version 6.5.5 / 7.0.1 or later.

See Also

https://www-01.ibm.com/support/docview.wss?uid=swg21229918

Plugin Details

Severity: High

ID: 20924

File Name: notes_attachment_handling_vulns.nasl

Version: 1.22

Type: local

Published: 2/15/2006

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:ibm:lotus_notes

Required KB Items: SMB/Registry/Enumerated, SMB/Lotus_Notes/Installed

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2/10/2006

Reference Information

CVE: CVE-2005-2618, CVE-2005-2619

BID: 16576

CWE: 119, 22

Secunia: 16280