Skip to main content

Lotus Notes File Viewer "wp6sr.dll" Buffer Overflow Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 19 Mar 2009 4325 Views

RISK: Medium Risk

A vulnerability has been identified in IBM Lotus Notes, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error in the File Viewer for WordPerfect module when processing a specially crafted file attachment, which could be exploited by attackers to crash an affected server or execute arbitrary code.


Impact

  • Denial of Service
  • Remote Code Execution

System / Technologies affected

  • IBM Lotus Notes versions 5.x
  • IBM Lotus Notes versions 6.x
  • IBM Lotus Notes versions 7.0.x
  • IBM Lotus Notes versions 8.0.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Notes 7.x and 8.x
    A patch is available via the IBM support.
  • Notes 6.x and 5.x
    Disable the file viewer.


Vulnerability Identifier


Source


Related Link