Researchers flag 'highly critical' IBM Lotus Notes flaws

Summary:Researchers at CoreLabs have issued a warning for several serious IBM Lotus Notes vulnerabilities that could cause remote execution of arbitrary commands .

Researchers flag ‘highly critical’ IBM Lotus Notes flaws
Researchers at CoreLabs have issued a warning for several serious IBM Lotus Notes vulnerabilities that could cause remote execution of arbitrary commands .

The flaws, rated "highly critical" by Secunia, could allow hackers to attach a specially crafted file that triggers remote exploitation when unsuspecting users attempt to "View" the attachment.

The vulnerabilities reportedly affect IBM Lotus Notes versions 7.0 and 8.0.

From the CoreLabs advisory:

Although these specific vulnerabilities exist on a third–party component the problem is compound by the way Lotus Notes displays information about attachments, making it easier to elicit unsuspecting assistance from the users to exploit them.  Lotus Notes displays the file type and corresponding icon based on the attached file’s extension rather than the MIME Content-Type header in the email whereas the view functionality is handled by the Verity KeyView component which processes the attachment based on the file contents.  Exploitation of these vulnerabilities requires end-user interaction but the discrepancy described above could allow an attacker to send a malicious Lotus 1-2-3 file as an attachment with a seemingly innocuous extension (for example,  .JPG or .GIF) that more easily lure users into viewing it thus making it easier to succeed in the exploitation attempt.

The vulnerabilities are caused due to boundary errors within the Lotus 1-2-3 file viewer (l123sr.dll) and can be exploited to cause buffer overflows by tricking a user into viewing a specially crafted Lotus 1-2-3 attachment with e.g. a specially crafted type SRANGE record, Secunia warned.

IBM has posted a note acknowledging the issue and urged customers to contact IBM Support to obtain the patch for the Notes client.

The company also recommended that users disable the affected file viewer by following one of the options in the "How to disable viewers within Lotus Notes" section of its advisory.

Topics: IBM, Collaboration, Enterprise Software, Security, Software

About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.