Rare bug blights Lotus Notes
Print1-2-3 hack risk
Posted in Software & Security, 28th November 2007 10:39 GMT
Free whitepaper – What Exchange can't do - and Dell can
Security researchers have discovered a rare, and potentially serious, security bug in Lotus Notes. A buffer overflow flaw in IBM's groupware package enables hackers to trick users into running hostile code on vulnerable systems.
The security bug stems from boundary errors within the Lotus 1-2-3 file viewer (l123sr.dll) component. Successful exploitation of the bug involves tricking users into viewing maliciously crafted Lotus 1-2-3 attachments, designed to allow the execution of arbitrary code on vulnerable systems.
The flaws, discovered by security researchers with Core Security, affect versions 7.x and 8.x of Lotus Notes. Other versions may also be affected.
Sys admins are advised to contact IBM support for patches, as explained here. ®
Free whitepaper – Managing desktop software for fun and profit
The Register Agile Data Center Summit
What Exchange can't do - and Dell can
New storage architectures make SSDs more cost-effective
Dell PowerEdge R710 solution with VMware ESX vs. Dell PowerEdge 2850 solution
Sign up, sign up for The Register IT security newsletter
Microsoft's Windows 7 price gamble - and why it's flawed
Managing Desktop Software for fun and profit
Intel's flash new SSDs hit by bugs