Update Protection against IBM Lotus Notes DOC Attachment Viewer Buffer Overflow
| Check Point Reference: | CPAI-2007-338 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA27279 | |
| Industry Reference(s): | CVE-2007-5544 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? IBM Lotus Notes 6.5 IBM Lotus Notes 7.0 prior to 7.0.3 | ||
| Vulnerability Description Lotus Notes is a client-server collaborative software and email system provided by IBM. The Lotus Notes email client application is capable of communicating with email servers over a range of protocols, such as: SMTP, POP, and IMAP. |
||
|
Vulnerability Details A stack buffer overflow vulnerability exists in the way IBM Lotus Notes Attachment Viewer processes files. The vulnerability is a result of insufficient boundary checking while processing the Microsoft Word for DOS Document. A remote attacker can exploit this vulnerability by enticing the target user to open a crafted Word for DOS file, potentially causing arbitrary code to be injected and executed in the security context of the current user. An attack targeting this vulnerability can result in the injection and execution of code. If code execution is successful, the behaviour of the target will depend on the intention of the attacker. Any code injected will be executed within the security context of the currently logged in user. In the case of an unsuccessful code execution attack, Lotus Notes will terminate. |
Protection Overview
This protection will detect and block attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.