Intrusion Prevention

IBM.Lotus.Notes.Attachment.Viewer.UUE.File.Buffer.Overflow

Description

This indicates an attack attempt to exploit a stack-based buffer-overflow vulnerability in IBM Lotus Notes Attachment Viewer.
The vulnerability is caused due to improper boundary checking when handling UUE archive files. Remote attackers may exploit this to execute arbitrary code.

Affected Products

IBM Lotus Notes 6.5.4
IBM Lotus Notes 6.5.3
IBM Lotus Notes 6.5.2
IBM Lotus Notes 6.5.1
IBM Lotus Notes 6.5
IBM Lotus Notes 6.0.5
IBM Lotus Notes 6.0.4
IBM Lotus Notes 6.0.3
IBM Lotus Notes 6.0.2
IBM Lotus Notes 6.0.1
IBM Lotus Notes 7.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Update to version 6.5.5 or 7.0.1.

CVE References

CVE-2005-2618