iDefense Security Advisory 05.24.11 - Remote exploitation of a stack buffer overflow vulnerability in IBM Corp.'s Lotus Notes could allow an attacker to execute arbitrary code in the context of the current user. The vulnerability occurs during the processing of hyperlink information contained within a Rich Text Format (RTF) document. The hyperlink may be crafted in a manner which can cause a strcpy function call to overflow the bounds of a stack buffer. This condition may lead to arbitrary code execution. Lotus Notes versions 6.0, 6.5, 7.0, 8.0, 8.5 are vulnerable.
91558b82ec933f7adde1fcb12364cda4ebd05a89100271d7b360fcdea95e4c7d