IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow

2011-06-30T00:00:00
ID SAINT:DBF29552A2B2831FD63B43300A740BAB
Type saint
Reporter SAINT Corporation
Modified 2011-06-30T00:00:00

Description

Added: 06/30/2011
CVE: CVE-2011-1213
BID: 48018
OSVDB: 72706

Background

Lotus Notes is the client for Lotus Domino servers.

Problem

IBM Lotus Notes File Viewer is vulnerable to remote code execution as a result of a stack buffer overflow while parsing headers of **LZH** files. A remote, unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted file to the target user and enticing them to view it with the affected software.

Resolution

Apply patches as described in IBM Bulletin 1500034.

References

<http://secunia.com/advisories/44624/>

Limitations

Exploit works on IBM Lotus Notes 8.5 and requires a user to view the **LZH** attachment. A valid e-mail account must exist on the mail server and in Lotus Notes.

Platforms

Windows