Lucene search

SAINT CorporationSAINT:77901D2ED0DFDAB5F358B853464F91F3

HistoryJan 03, 2008 - 12:00 a.m.

Lotus Notes WPD attachment viewer buffer overflow

2008-01-0300:00:00

SAINT Corporation

download.saintcorporation.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.038 Low

EPSS

Percentile

91.9%

JSON

Added: 01/03/2008
CVE: CVE-2007-5910
BID: 26175
OSVDB: 40783

Background

Lotus Notes is the client for Lotus Domino servers.

Problem

A buffer overflow in the KeyView Viewer included in Lotus Notes allows command execution when a user views a specially crafted WordPerfect (WPD) attachment.

Resolution

Upgrade to Lotus Notes 7.0.3 or higher.

References

[http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111 ](<http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21271111
>)

Limitations

Exploit works on Lotus Notes 7.0.2 and requires a user to view the WPD attachment.

Platforms

Windows

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.038 Low

EPSS

Percentile

91.9%

JSON

Related for SAINT:77901D2ED0DFDAB5F358B853464F91F3