icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Lotus Notes < 7.0.2 ntmulti.exe Local Privilege Escalation

High

Synopsis

The remote host is vulnerable to a local 'privilege escalation' flaw.

Description

The remote host is running the Lotus Notes email client. The reported version is less than 7.0.2. There is a flaw in this version of Lotus Notes that would allow a local user to replace the 'ntmulti.exe' file. After replacing the executable, the local attacker would have their code executed with SYSTEM level privileges.

Solution

Upgrade to version 7.0.2 or higher.