Lucene search
SAINT CorporationSAINT:9A6EBC547477001F591617B11CF4E48FHistoryFeb 17, 2006 - 12:00 a.m.
Lotus Notes HTML Speed Reader URL buffer overflow
2006-02-1700:00:00
SAINT Corporation
www.saintcorporation.com
267
0.95 High
EPSS
Percentile
99.1%
Added: 02/17/2006
CVE: CVE-2005-2618
BID: 16576
OSVDB: 23068
Background
Lotus Notes is the client for Lotus Domino servers.
Problem
A buffer overflow in the HTML Speed Reader component of the Lotus Notes e-mail client allows command execution by a specially crafted e-mail message containing a long link URL.
Resolution
Upgrade to version 6.5.5 or 7.0.1 or higher.
References
<http://secunia.com/secunia_research/2005-32/>
Limitations
Exploit works on Lotus Notes 6.5.4. This exploit sends an e-mail to the specified address and requires the user to follow the ClickOnMe link.
Platforms
Windows
Related
saint
saint
Lotus Notes Attachment Viewer UUE file buffer overflow
2006-02-21 00:00:00
Lotus Notes HTML Speed Reader URL buffer overflow
2006-02-17 00:00:00
Lotus Notes Attachment Viewer UUE file buffer overflow
2006-02-21 00:00:00
cert
cert
IBM Lotus Notes ZIP file handling buffer overflow
2006-02-15 00:00:00
checkpoint_advisories
checkpoint_advisories
IBM Lotus Notes Attachment Viewer UUE File Handling Buffer Overflow (CVE-2005-2618)
2010-02-25 00:00:00
IBM Lotus Notes Attachment Viewer UUE File Handling Buffer Overflow - ver 2 (CVE-2005-2618)
2015-07-23 00:00:00
IBM Lotus Notes HTML Speed Reader Long URL Buffer Overflow (CVE-2005-2618)
2010-03-22 00:00:00
securityvulns
securityvulns
Secunia Research: Lotus Notes UUE File Handling Buffer Overflow
2006-02-11 00:00:00
Secunia Research: Lotus Notes TAR Reader File Extraction Buffer Overflow
2006-02-11 00:00:00
Secunia Research: Lotus Notes ZIP File Handling Buffer Overflow
2006-02-10 00:00:00
cve
cve
CVE-2005-2618
2005-12-31 05:00:00
nessus
nessus
Lotus Notes < 6.5.5 / 7.0.1 Attachment Handling Vulnerabilities
2006-02-15 00:00:00