Lotus Notes uses the same vulnerable shimgvw.dll graphics rendering engine file implicated in the Microsoft WMF file handling vulnerability.
29b636686315c58735d0610c7bca6c8b5cc3272d4a75f859ecf334370e5f21e7
by NIST.org
Lotus Notes uses the same vulnerable shimgvw.dll graphics
rendering engine file implicated in the Microsoft Security
Advisory (912840) to view image file attachments. Because of
this all Lotus Notes users are vulnerable to the WMF zero-day
exploit. At this point there is little that be done but block
all incoming images at the perimeter.
Someone (or an email worm) simply needs to email a person a
message with a graphics file attachment. It doesn't matter
if the person Views or Opens (Runs) the attachment the
shimgvw.dll will be used to render the image and the malicious
file can compromise the computer.