CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.3%
Added: 02/21/2006
CVE: CVE-2005-2618
BID: 16576
OSVDB: 23065
Lotus Notes is the client for Lotus Domino servers.
A buffer overflow in the attachment viewer in the Lotus Notes e-mail client allows command execution when a user opens a specially crafted UUE file.
Upgrade to version 6.5.5 or 7.0.1 or higher.
<http://secunia.com/secunia_research/2005-36>
Exploit works on Lotus Notes 6.5.4. This exploit sends an e-mail to the specified address and requires the user to view the attachment.
Windows