exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 27279

Secunia Security Advisory 27279
Posted Oct 23, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM Lotus Notes, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information and by malicious people to bypass certain security mechanisms or compromise a user's system.

tags | advisory, local, vulnerability
SHA-256 | 5f209b72bb2bde5f85bdfd1abc6425fc196327838c3aa5b781acaf2a3277d866

Secunia Security Advisory 27279

Change Mirror Download


----------------------------------------------------------------------

Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,700 different Windows applications.

Request your account, the Secunia Network Software Inspector (NSI):
http://secunia.com/network_software_inspector/

----------------------------------------------------------------------

TITLE:
IBM Lotus Notes Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA27279

VERIFY ADVISORY:
http://secunia.com/advisories/27279/

CRITICAL:
Highly critical

IMPACT:
Exposure of sensitive information, System access

WHERE:
>From remote

SOFTWARE:
IBM Lotus Notes 7.x
http://secunia.com/product/7953/
IBM Lotus Notes 6.x
http://secunia.com/product/388/

DESCRIPTION:
Multiple vulnerabilities have been reported in IBM Lotus Notes, which
can be exploited by malicious, local users to gain knowledge of
potentially sensitive information and by malicious people to bypass
certain security mechanisms or compromise a user's system.

1) Errors within various third-party file viewers (mifsr.dll,
awsr.dll, kpagrdr.dll, exesr.dll, rtfsr.dll, mwsr.dll, exesr.dll,
wp6sr.dll, and lasr.dll) can be exploited to cause buffer overflows
by tricking a user into viewing a specially crafted attachment.

Successful exploitation may allow execution of arbitrary code.

2) A boundary error when parsing HTML messages in nnotes.dll can be
exploited to cause a buffer overflow when a user acts upon a
malicious HTML message (e.g. replying, forwarding, or copying it to
the clipboard).

Successful exploitation may allow execution of arbitrary code.

3) An error in the ECL (Execution Control List) mechanism may result
in attachments being executed automatically instead of displaying the
Execution Security Alert when handling Notes database (.nsf) and Notes
template (.ntf) attachments.

4) Insecure permissions on shared memory allows any local user to
access memory containing other users' data.

A bug was also reported, which may crash the client when receiving
specially crafted SMTP responses.

SOLUTION:
Update to version 7.0.3 or 8.0.

NOTE: Version 8.0 does not fix the vulnerability in wp6sr.dll.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) ZDI and Tan Chew-Keong
2) VeriSign iDefense VCP
3) Ed Schaller
4) Ollie Whitehouse, Symantec.

ORIGINAL ADVISORY:
IBM:
http://www-1.ibm.com/support/docview.wss?uid=swg21271111
http://www-1.ibm.com/support/docview.wss?uid=swg21272836
http://www-1.ibm.com/support/docview.wss?uid=swg21272930
http://www-1.ibm.com/support/docview.wss?uid=swg21270884
http://www-1.ibm.com/support/docview.wss?uid=swg21257030
http://www-1.ibm.com/support/docview.wss?uid=swg21271957

Vuln.sg:
http://vuln.sg/lotusnotes702doc-en.html
http://vuln.sg/lotusnotes702sam-en.html
http://vuln.sg/lotusnotes702wpd-en.html
http://vuln.sg/lotusnotes702mif-en.html

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close