Signature Detail
Short Name |
SMTP:EMAIL:IBM-LOTUS-NTS-WPD-BO |
|---|---|
Severity |
High |
Recommended |
No |
Category |
SMTP |
Keywords |
IBM Lotus Notes WPD Attachment Handling Buffer Overflow |
Release Date |
2010/10/19 |
Update Number |
1794 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMTP: IBM Lotus Notes WPD Attachment Handling Buffer Overflow
This signature detects attempts to exploit a known vulnerability in IBM Lotus Notes. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.
Extended Description
Autonomy KeyView module is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers. Exploiting this issue will allow an attacker to corrupt memory and to cause denial-of-service conditions or potentially to execute arbitrary code in the context of the application using the module. Multiple products using the KeyView module are affected.
Affected Products
- Autonomy Keyview Export SDK 10
- Autonomy Keyview Export SDK 10.3.0
- Autonomy Keyview Export SDK 10.4.0
- Autonomy Keyview Filter SDK 10
- Autonomy Keyview Filter SDK 10.3.0
- Autonomy Keyview Filter SDK 10.4.0
- Autonomy Keyview Viewer SDK 10
- Autonomy Keyview Viewer SDK 10.3.0
- Autonomy Keyview Viewer SDK 10.4.0
- IBM Lotus Notes 5.0.12
- IBM Lotus Notes 5.0.3
- IBM Lotus Notes 6.0.0
- IBM Lotus Notes 6.0.1
- IBM Lotus Notes 6.0.2
- IBM Lotus Notes 6.0.3
- IBM Lotus Notes 6.0.4
- IBM Lotus Notes 6.0.5
- IBM Lotus Notes 6.5.0
- IBM Lotus Notes 6.5.1
- IBM Lotus Notes 6.5.2
- IBM Lotus Notes 6.5.3
- IBM Lotus Notes 6.5.4
- IBM Lotus Notes 6.5.5
- IBM Lotus Notes 6.5.5 FP2
- IBM Lotus Notes 6.5.5 FP3
- IBM Lotus Notes 6.5.6
- IBM Lotus Notes 6.5.6 FP2
- IBM Lotus Notes 7.0
- IBM Lotus Notes 7.0.1
- IBM Lotus Notes 7.0.2
- IBM Lotus Notes 7.0.2 FP1
- IBM Lotus Notes 7.0.3
- IBM Lotus Notes 8.0
- Symantec BrightMail Appliance 5.0
- Symantec Data Loss Prevention Detection Servers 7.0
- Symantec Data Loss Prevention Detection Servers 8.0
- Symantec Data Loss Prevention Detection Servers for Linux 8.1
- Symantec Data Loss Prevention Detection Servers for Windows 8.1
- Symantec Data Loss Prevention Endpoint Agents 8.0
- Symantec Data Loss Prevention Endpoint Agents 8.1
- Symantec Enforce 7.0
- Symantec Enforce 8.0
- Symantec Enforce for Linux 8.1
- Symantec Enforce for Windows 8.1
- Symantec Mail Security Appliance 5.0.0
- Symantec Mail Security Appliance 5.0.0.24
- Symantec Mail Security Appliance 5.0.0-36
- Symantec Mail Security for Domino 7.5.3.25
- Symantec Mail Security for Domino 7.5.4.29
- Symantec Mail Security for Domino 7.5.5.32
- Symantec Mail Security for Microsoft Exchange 5.0.10
- Symantec Mail Security for Microsoft Exchange 5.0.11
- Symantec Mail Security for Microsoft Exchange 6.0.6
- Symantec Mail Security for Microsoft Exchange 6.0.7
- Symantec Mail Security for SMTP 5.0
- Symantec Mail Security for SMTP 5.0.1
- Symantec Mail Security for SMTP 5.0.1 Patch 181
- Symantec Mail Security for SMTP 5.0.1 Patch 182
- Symantec Mail Security for SMTP 5.0.1 Patch 189
- Symantec Mail Security for SMTP 5.0.1 Patch 200
References
- BugTraq: 34086
- CVE: CVE-2008-4564