Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message.
https://exchange.xforce.ibmcloud.com/vulnerabilities/7323
http://www.securityfocus.com/bid/3458