IBM Lotus Notes Attachment Handling Multiple Buffer Overflows

High Nessus Plugin ID 54922

Synopsis

The remote Windows host has an application that is affected by multiple buffer overflow vulnerabilities.

Description

The file attachment viewer component included with the instance of Lotus Notes installed on the remote Windows host is reportedly affected by several buffer overflow vulnerabilities that can be triggered when handling attachments of various types.

By sending a specially crafted attachment to users of the affected application and getting them to double-click and view the attachment, an attacker may be able to execute arbitrary code subject to the privileges under which the affected application runs.

Solution

Either Install Interim Fix 1 for Notes 8.5.2 Fix Pack 2 / 8.5.2 Fix Pack 3 or upgrade to 8.5.3. Alternatively, disable attachment viewers.

See Also

https://www.securityfocus.com/archive/1/518139

https://www.securityfocus.com/archive/1/518131

https://www.securityfocus.com/archive/1/518138

https://www.securityfocus.com/archive/1/518137

http://www.nessus.org/u?c85aef3a

https://seclists.org/bugtraq/2011/May/178

https://seclists.org/bugtraq/2011/May/179

https://seclists.org/bugtraq/2011/May/181

https://seclists.org/bugtraq/2011/May/182

https://www.securityfocus.com/archive/1/archive/1/518120/100/0/threaded

https://www-304.ibm.com/support/docview.wss?uid=swg21500034

Plugin Details

Severity: High

ID: 54922

File Name: notes_keyview_overflows2.nasl

Version: 1.24

Type: local

Agent: windows

Family: Windows

Published: 2011/05/31

Modified: 2018/11/15

Dependencies: 61486, 13855

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:lotus_notes

Required KB Items: SMB/Registry/Enumerated, SMB/Lotus_Notes/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/05/24

Vulnerability Publication Date: 2011/05/24

Exploitable With

Core Impact

Metasploit (Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment))

Reference Information

CVE: CVE-2011-0548, CVE-2011-1213, CVE-2011-1214, CVE-2011-1215, CVE-2011-1216, CVE-2011-1217, CVE-2011-1218, CVE-2011-1512

BID: 47962, 48013, 48016, 48017, 48018, 48019, 48020, 48021

CERT: 126159

EDB-ID: 17448

Secunia: 44624