Signature Detail

SMTP: IBM Lotus Notes MIF Attachment Viewer Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the IBM Lotus Notes MIF Attachment Viewer. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.

Extended Description

Autonomy KeyView is prone to multiple buffer-overflow vulnerabilities. Successfully exploiting these issues could allow an attacker to execute arbitrary code in the context of the user running the application. Multiple applications incorporate the vulnerable KeyView component, so are also considered vulnerable to these issues. NOTE: This document was previously titled 'IBM Lotus Notes Attachment Viewer Multiple Buffer Overflow Vulnerabilities'. It has been updated and relabeled to properly reflect the vulnerable component.

Affected Products

• ActivePDF DocConverter 3.8.2.5
• Autonomy Keyview Export SDK 7
• Autonomy Keyview Export SDK 8
• Autonomy Keyview Export SDK 9
• Autonomy Keyview Filter SDK 7
• Autonomy Keyview Filter SDK 8
• Autonomy Keyview Filter SDK 9
• Autonomy Keyview Viewer SDK 7
• Autonomy Keyview Viewer SDK 8
• Autonomy Keyview Viewer SDK 9
• IBM Lotus Notes 7.0.2
• Symantec Mail Security Appliance 5.0.0
• Symantec Mail Security Appliance 5.0.0.24
• Symantec Mail Security for Domino 7.5
• Symantec Mail Security for Domino 7.5.0.19
• Symantec Mail Security for Microsoft Exchange 5.0.0
• Symantec Mail Security for Microsoft Exchange 5.0.0.024
• Symantec Mail Security for Microsoft Exchange 5.0.6.368
• Symantec Mail Security for Microsoft Exchange 5.0.7.373
• Symantec Mail Security for SMTP 5.0
• Symantec Mail Security for SMTP 5.0.1

References

• BugTraq: 26175