Lotus Notes < 6.5.5 or 7.0.1 Multiple Vulnerabilities
Medium Nessus Network Monitor Plugin ID 3422
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThe remote host is running a Lotus Notes email client. Lotus Notes client versions 6.5.4 and 7.0.0 (and earlier) could allow a remote attacker to execute arbitrary code. Specifically, several of the routines that handle the uncompression of archived files do not properly handle malformed files. An attacker exploiting this flaw would need to be able to entice a Lotus Notes user into opening an archived file.
SolutionUpgrade to version 6.5.5, 7.0.1 or higher.