Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Lotus Notes < 6.5.5 or 7.0.1 Multiple Vulnerabilities

Medium

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running a Lotus Notes email client. Lotus Notes client versions 6.5.4 and 7.0.0 (and earlier) could allow a remote attacker to execute arbitrary code. Specifically, several of the routines that handle the uncompression of archived files do not properly handle malformed files. An attacker exploiting this flaw would need to be able to entice a Lotus Notes user into opening an archived file.

Solution

Upgrade to version 6.5.5, 7.0.1 or higher.