Signature Detail

Short Name	SMTP:MAL:LOTUS-DOC-VIEWER
Severity	High
Recommended	No
Recommended Action	Drop
Category	SMTP
Keywords	IBM Lotus Notes DOC Attachment Viewer Buffer Overflow
Release Date	2010/10/18
Update Number	1794
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: IBM Lotus Notes DOC Attachment Viewer Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the IBM Lotus Notes DOC Attachment Viewer. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Lotus Domino is prone to a vulnerability that may allow attackers to access other users' sessions. An attacker could exploit this issue to read or write content to arbitrary Lotus Notes sessions when deployed in a shared environment.

Affected Products

IBM Lotus Domino 6.5.5 FP3
IBM Lotus Domino 6.5.6
IBM Lotus Domino 7.0.3
IBM Lotus Domino 8.0
IBM Lotus Notes 6.5.5 FP3
IBM Lotus Notes 6.5.6
IBM Lotus Notes 7.0.2 FP1
IBM Lotus Notes 8.0

References

BugTraq: 26146
CVE: CVE-2007-5544

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

SMTP: IBM Lotus Notes DOC Attachment Viewer Buffer Overflow

Extended Description

Affected Products

References