Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
https://exchange.xforce.ibmcloud.com/vulnerabilities/11339
http://www.securityfocus.com/bid/6872
http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt
http://www.kb.cert.org/vuls/id/571297
http://www.ciac.org/ciac/bulletins/n-065.shtml
http://www.cert.org/advisories/CA-2003-11.html
http://www-1.ibm.com/support/docview.wss?uid=swg21104543
http://marc.info/?l=ntbugtraq&m=104558778331387&w=2
http://marc.info/?l=ntbugtraq&m=104558778131373&w=2
http://marc.info/?l=bugtraq&m=104550335103136&w=2
http://marc.info/?l=bugtraq&m=104550124032513&w=2
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html