Alias(es)IBM.Lotus.Notes.123File.Viewer.Buffer.Overflow |
Release DateJan 18, 2008 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attempt to exploit a buffer-overflow vulnerability in IBM Lotus Notes.The vulnerability is caused by a boundary error in the Lotus 1-2-3 file viewer. It can be exploited via a crafted Worksheet File (WKS), leading to remote code execution. |
Affected ProductsIBM Lotus Notes 8.0IBM Lotus Notes 7.0.3 IBM Lotus Notes 7.0.2 FP1 IBM Lotus Notes 7.0.2 IBM Lotus Notes 7.0.1 IBM Lotus Notes 7.0 IBM Lotus Notes 6.5.6 FP2 IBM Lotus Notes 6.5.6 IBM Lotus Notes 6.5.5 FP3 IBM Lotus Notes 6.5.5 FP2 IBM Lotus Notes 6.5.5 IBM Lotus Notes 6.5.4 IBM Lotus Notes 6.5.3 IBM Lotus Notes 6.5.2 IBM Lotus Notes 6.5.1 IBM Lotus Notes 6.5 IBM Lotus Notes 6.0.5 IBM Lotus Notes 6.0.4 IBM Lotus Notes 6.0.3 IBM Lotus Notes 6.0.2 IBM Lotus Notes 6.0.1 IBM Lotus Notes 6.0 |
Recommended ActionsLotes Notes 7.x/8.x:Contact IBM Support for patches. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2007-6593 |
Reference/shttp://www.vupen.com/english/advisories/2007/4012http://secunia.com/advisories/27835/ http://www.securityfocus.com/bid/26604 (BugTraq) http://www.coresecurity.com/index.php5?action=item&id=2008 http://www-1.ibm.com/support/docview.wss?uid=swg21285600 |
