SAINT Corporation SAINT:65C4DB0D9DA3A4838F166CB775F21CD1
Jun 30, 2011 - 12:00 a.m.

IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow

2011-06-30 00:00:00
SAINT Corporation
my.saintcorporation.com
CVSS2: 9.3 High

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.939 High
Percentile: 99.1%

Added: 06/30/2011
CVE: CVE-2011-1213
BID: 48018
OSVDB: 72706

Background

Lotus Notes is the client for Lotus Domino servers.

Problem

IBM Lotus Notes File Viewer is vulnerable to remote code execution as a result of a stack buffer overflow while parsing headers of **LZH** files. A remote, unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted file to the target user and enticing them to view it with the affected software.

Resolution

Apply patches as described in IBM Bulletin 1500034.

References

<http://secunia.com/advisories/44624/>

Limitations

Exploit works on IBM Lotus Notes 8.5 and requires a user to view the **LZH** attachment. A valid e-mail account must exist on the mail server and in Lotus Notes.

Platforms

Windows
