Lotus Notes is the client for Lotus Domino servers.
IBM Lotus Notes File Viewer is vulnerable to remote code execution as a result of a stack buffer overflow while parsing headers of
**LZH** files. A remote, unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted file to the target user and enticing them to view it with the affected software.
Apply patches as described in IBM Bulletin 1500034.
Exploit works on IBM Lotus Notes 8.5 and requires a user to view the
**LZH** attachment. A valid e-mail account must exist on the mail server and in Lotus Notes.