Lotus Notes < 7.0.3 HTML Email RTF Conversion Overflow
Critical Nessus Network Monitor Plugin ID 4262
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThe remote host is running the Lotus Notes email client. The reported version is older than 7.0.3. This version of Lotus Notes is reported vulnerable to multiple remote buffer overflows. The specific flaw seems to be in the portion of the application that processes attachments. In order for this attack vector to be utilized, the attacker would need to be able to entice a Lotus Notes user into opening a malicious attachment. Successful exploitation would result in the attacker executing arbitrary code on the remote system.
SolutionUpgrade to version 7.0.3 or higher.