IBM Lotus Notes Attachment Handling Multiple Buffer Overflows

high Nessus Plugin ID 54922
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 7.4

Synopsis

The remote Windows host has an application that is affected by multiple buffer overflow vulnerabilities.

Description

The file attachment viewer component included with the instance of Lotus Notes installed on the remote Windows host is reportedly affected by several buffer overflow vulnerabilities that can be triggered when handling attachments of various types.

By sending a specially crafted attachment to users of the affected application and getting them to double-click and view the attachment, an attacker may be able to execute arbitrary code subject to the privileges under which the affected application runs.

Solution

Either Install Interim Fix 1 for Notes 8.5.2 Fix Pack 2 / 8.5.2 Fix Pack 3 or upgrade to 8.5.3. Alternatively, disable attachment viewers.

See Also

https://www-304.ibm.com/support/docview.wss?uid=swg21500034

https://www.securityfocus.com/archive/1/518139

https://www.securityfocus.com/archive/1/518131

https://www.securityfocus.com/archive/1/518138

https://www.securityfocus.com/archive/1/518137

http://www.nessus.org/u?c85aef3a

https://seclists.org/bugtraq/2011/May/178

https://seclists.org/bugtraq/2011/May/179

https://seclists.org/bugtraq/2011/May/181

https://seclists.org/bugtraq/2011/May/182

https://www.securityfocus.com/archive/1/archive/1/518120/100/0/threaded

Plugin Details

Severity: High

ID: 54922

File Name: notes_keyview_overflows2.nasl

Version: 1.25

Type: local

Agent: windows

Family: Windows

Published: 5/31/2011

Updated: 6/12/2020

Dependencies: smb_hotfixes.nasl, lotus_notes_installed.nasl

Risk Information

Risk Factor: High

VPR Score: 7.4

CVSS Score Source: CVE-2011-0548

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:a:ibm:lotus_notes:*:*:*:*:*:*:*:*

Required KB Items: SMB/Registry/Enumerated, SMB/Lotus_Notes/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/24/2011

Vulnerability Publication Date: 5/24/2011

Exploitable With

Core Impact

Metasploit (Lotus Notes 8.0.x - 8.5.2 FP2 - Autonomy Keyview (.lzh Attachment))

Reference Information

CVE: CVE-2011-0548, CVE-2011-1217, CVE-2011-1216, CVE-2011-1512, CVE-2011-1215, CVE-2011-1213, CVE-2011-1214, CVE-2011-1218

BID: 48018, 48017, 48019, 48020, 48021, 48016, 47962, 48013

CERT: 126159

EDB-ID: 17448

Secunia: 44624