Lotus Notes < 7.0.3 HTML Email RTF Conversion Overflow

Critical Nessus Network Monitor Plugin ID 4262

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running the Lotus Notes email client. The reported version is older than 7.0.3. This version of Lotus Notes is reported vulnerable to multiple remote buffer overflows. The specific flaw seems to be in the portion of the application that processes attachments. In order for this attack vector to be utilized, the attacker would need to be able to entice a Lotus Notes user into opening a malicious attachment. Successful exploitation would result in the attacker executing arbitrary code on the remote system.

Solution

Upgrade to version 7.0.3 or higher.

See Also

http://www.securityfocus.com/archive/1/[email protected]

Plugin Details

Severity: Critical

ID: 4262

Family: SMTP Clients

Published: 2007/10/23

Modified: 2018/09/16

Dependencies: 1334

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:lotus_notes

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Reference Information

CVE: CVE-2007-5909, CVE-2007-5910, CVE-2007-4222

BID: 26200, 26175