IBM Lotus Symphony < 3.0.1 Embedded Image File Handling Remote Overflows
High Nessus Plugin ID 59109
SynopsisThe remote host has an application that is affected by multiple integer overflows.
DescriptionThe version of IBM Lotus Symphony on the remote host was found to be earlier than 3.0.1. As such, it is reportedly affected by multiple integer overflows in vlcmi.dll. These vulnerabilities can be triggered by a malicious JPEG or PNG image object embedded in a .DOC file, resulting in arbitrary code execution.
SolutionUpgrade to IBM Lotus Symphony 3.0.1 or later.