Lucene search
SAINT CorporationSAINT:12BEFCCB8738CF66FA95DAAE72C4BF08HistoryDec 07, 2007 - 12:00 a.m.
Lotus Notes Lotus 1-2-3 file viewer buffer overflow
2007-12-0700:00:00
SAINT Corporation
www.saintcorporation.com
21
0.071 Low
EPSS
Percentile
94.0%
Added: 12/07/2007
CVE: CVE-2007-6593
BID: 26604
OSVDB: 40796
Background
Lotus Notes is the client for Lotus Domino servers. Lotus Notes uses the Autonomy KeyView library to process files in the Lotus Worksheet File format (WKS) used by Lotus 1-2-3.
Problem
A buffer overflow vulnerability in the Autonomy KeyView library allows command execution when a user views a specially crafted worksheet attachment in Lotus Notes.
Resolution
Contact IBM support for a patch or apply one of the workarounds described in the IBM Technote.
References
<http://archives.neohapsis.com/archives/fulldisclosure/2007-11/0540.html>
Limitations
Exploit works on Lotus Notes 7.0.2 and requires a user to view the e-mail attachment.
Platforms
Windows 2000
Windows XP
Related
coresecurity
coresecurity
Lotus Notes buffer overflow in the Lotus WorkSheet file processor
2007-11-27 00:00:00
saint
saint
Lotus Notes Lotus 1-2-3 file viewer buffer overflow
2007-12-07 00:00:00
Lotus Notes Lotus 1-2-3 file viewer buffer overflow
2007-12-07 00:00:00
Lotus Notes Lotus 1-2-3 file viewer buffer overflow
2007-12-07 00:00:00
checkpoint_advisories
checkpoint_advisories
cve
cve
CVE-2007-6593
2007-12-28 21:46:00
prion
prion
Stack overflow
2007-12-28 21:46:00
nvd
nvd
CVE-2007-6593
2007-12-28 21:46:00
cvelist
cvelist
CVE-2007-6593
2007-12-28 21:00:00