Researchers flag 'highly critical' IBM Lotus Notes flaws

Researchers flag 'highly critical' IBM Lotus Notes flaws

Summary: Researchers at CoreLabs have issued a warning for several serious IBM Lotus Notes vulnerabilities that could cause remote execution of arbitrary commands .

SHARE:

Researchers flag ‘highly critical’ IBM Lotus Notes flaws Researchers at CoreLabs have issued a warning for several serious IBM Lotus Notes vulnerabilities that could cause remote execution of arbitrary commands .

The flaws, rated "highly critical" by Secunia, could allow hackers to attach a specially crafted file that triggers remote exploitation when unsuspecting users attempt to "View" the attachment.

The vulnerabilities reportedly affect IBM Lotus Notes versions 7.0 and 8.0.

From the CoreLabs advisory:

Although these specific vulnerabilities exist on a third–party component the problem is compound by the way Lotus Notes displays information about attachments, making it easier to elicit unsuspecting assistance from the users to exploit them.  Lotus Notes displays the file type and corresponding icon based on the attached file’s extension rather than the MIME Content-Type header in the email whereas the view functionality is handled by the Verity KeyView component which processes the attachment based on the file contents.  Exploitation of these vulnerabilities requires end-user interaction but the discrepancy described above could allow an attacker to send a malicious Lotus 1-2-3 file as an attachment with a seemingly innocuous extension (for example,  .JPG or .GIF) that more easily lure users into viewing it thus making it easier to succeed in the exploitation attempt.

The vulnerabilities are caused due to boundary errors within the Lotus 1-2-3 file viewer (l123sr.dll) and can be exploited to cause buffer overflows by tricking a user into viewing a specially crafted Lotus 1-2-3 attachment with e.g. a specially crafted type SRANGE record, Secunia warned.

IBM has posted a note acknowledging the issue and urged customers to contact IBM Support to obtain the patch for the Notes client.

The company also recommended that users disable the affected file viewer by following one of the options in the "How to disable viewers within Lotus Notes" section of its advisory.

Topics: IBM, Collaboration, Enterprise Software, Security, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • Interesting

    However, I'm not sure that it's as "high" on the list as it's made out to be. Why? Because Lotus 1-2-3 as a tool has lost to Excel (sad to say) and most users in NOTES will be using the excel viewer.
    Sheeva