Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 SMTP:MAL:LOTUS-WPD

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 SMTP

Keywords

 IBM Lotus Notes WPD Attachment Viewer Buffer Overflow

Release Date

 2010/10/18

Update Number

 1794

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: IBM Lotus Notes WPD Attachment Viewer Buffer Overflow


There exist a buffer overflow vulnerability in IBM Lotus Notes WPD viewer. The vulnerability is due to a boundary error while processing crafted WordPerfect (.wpd) files. A remote attacker could exploit this vulnerability by persuading a target user to open a malicious WPD file in Lotus email attachment. Successful exploitation of this vulnerability may allow arbitrary code injection and execution within the context of the logged in user. In an attack case where code injection is not successful, all instances of the vulnerable IBM Lotus Notes application will terminate. In a more sophisticated attack scenario where code injection is successful, the behaviour of the target host is entirely dependent on the intended function of the injected code. The code in such a case would execute within the security context of the current user. The affected application would also most likely stop functioning as a result of such an attack.

Extended Description

Autonomy KeyView is prone to multiple buffer-overflow vulnerabilities. Successfully exploiting these issues could allow an attacker to execute arbitrary code in the context of the user running the application. Multiple applications incorporate the vulnerable KeyView component, so are also considered vulnerable to these issues. NOTE: This document was previously titled 'IBM Lotus Notes Attachment Viewer Multiple Buffer Overflow Vulnerabilities'. It has been updated and relabeled to properly reflect the vulnerable component.

Affected Products

  • ActivePDF DocConverter 3.8.2.5
  • Autonomy Keyview Export SDK 7
  • Autonomy Keyview Export SDK 8
  • Autonomy Keyview Export SDK 9
  • Autonomy Keyview Filter SDK 7
  • Autonomy Keyview Filter SDK 8
  • Autonomy Keyview Filter SDK 9
  • Autonomy Keyview Viewer SDK 7
  • Autonomy Keyview Viewer SDK 8
  • Autonomy Keyview Viewer SDK 9
  • IBM Lotus Notes 7.0.2
  • Symantec Mail Security Appliance 5.0.0
  • Symantec Mail Security Appliance 5.0.0.24
  • Symantec Mail Security for Domino 7.5
  • Symantec Mail Security for Domino 7.5.0.19
  • Symantec Mail Security for Microsoft Exchange 5.0.0
  • Symantec Mail Security for Microsoft Exchange 5.0.0.024
  • Symantec Mail Security for Microsoft Exchange 5.0.6.368
  • Symantec Mail Security for Microsoft Exchange 5.0.7.373
  • Symantec Mail Security for SMTP 5.0
  • Symantec Mail Security for SMTP 5.0.1

References

  • BugTraq: 26175
  • CVE: CVE-2007-5544

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out