Rare bug blights Lotus Notes
Print1-2-3 hack risk
Posted in Software & Security, 28th November 2007 10:39 GMT
Free whitepaper – Straight Talk with Dell: Sending out an SaaS
Security researchers have discovered a rare, and potentially serious, security bug in Lotus Notes. A buffer overflow flaw in IBM's groupware package enables hackers to trick users into running hostile code on vulnerable systems.
The security bug stems from boundary errors within the Lotus 1-2-3 file viewer (l123sr.dll) component. Successful exploitation of the bug involves tricking users into viewing maliciously crafted Lotus 1-2-3 attachments, designed to allow the execution of arbitrary code on vulnerable systems.
The flaws, discovered by security researchers with Core Security, affect versions 7.x and 8.x of Lotus Notes. Other versions may also be affected.
Sys admins are advised to contact IBM support for patches, as explained here. ®
Free whitepaper – Managing desktop software for fun and profit
Enabling the Agile Data Center
Straight Talk with Dell: Sending out an SaaS
The business value of SIP VoIP and trunking
New storage architectures make SSDs more cost-effective
Sign up, sign up for The Register IT security newsletter
Microsoft's Windows 7 price gamble - and why it's flawed
Managing Desktop Software for fun and profit
Intel's flash new SSDs hit by bugs