Attack: IBM Lotus Domino Calendar Attachment Name Parsing

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a stack-based buffer overflow vulnerability in the IBM Lotus Domino application.

Additional Information

IBM Lotus Domino is a client/server product designed for collaborative working environments.

This issue affects the NRouter service when transporting specially crafted email messages. When handling specially crafted 'ATTACH:CID' and 'Content-ID' headers, the application will copy them into a fixed-size buffer without checking the length. The issue is triggered by passing an overly large file name.

Successfully exploiting this issue may allow remote attackers to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition.
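
A defensive pre-filter for the condition described above, as an added example that is not Symantec's signature or IBM's code: it flags messages whose 'Content-ID' header or iCalendar 'ATTACH:CID' value is unusually long, including values split by iCalendar line folding. The 256-character limit, the function names and the sample message are assumptions constructed for illustration; the page does not state the buffer size.

```python
import email
import re
from email import policy

MAX_NAME_LEN = 256  # assumed threshold; the page does not give the buffer size

def unfold_ical(text):
    """Undo iCalendar line folding (line break followed by one space or tab)."""
    return re.sub(r"\r?\n[ \t]", "", text)

def find_oversized_names(raw_bytes, limit=MAX_NAME_LEN):
    """Return (field, length) for each Content-ID / ATTACH:CID value over limit."""
    findings = []
    msg = email.message_from_bytes(raw_bytes, policy=policy.compat32)
    for part in msg.walk():
        # Content-ID can appear on any MIME part; drop folding and angle brackets.
        for value in part.get_all("Content-ID", []):
            cid = re.sub(r"\s+", "", str(value)).strip("<>")
            if len(cid) > limit:
                findings.append(("Content-ID", len(cid)))
        # ATTACH:CID lives in the body of calendar parts, possibly folded.
        if part.get_content_type() == "text/calendar":
            body = part.get_payload(decode=True) or b""
            ical = unfold_ical(body.decode("utf-8", "replace"))
            for m in re.finditer(r"(?im)^ATTACH(?:;[^:\r\n]*)?:CID:([^\r\n]*)", ical):
                name = m.group(1).strip()
                if len(name) > limit:
                    findings.append(("ATTACH:CID", len(name)))
    return findings

def build_sample(name):
    """Constructed test message: a calendar part referencing an attachment by CID."""
    folded = "\r\n ".join(name[i:i + 60] for i in range(0, len(name), 60))
    return (
        "MIME-Version: 1.0\r\n"
        'Content-Type: multipart/mixed; boundary="b1"\r\n\r\n'
        "--b1\r\nContent-Type: text/calendar\r\n\r\n"
        "BEGIN:VCALENDAR\r\nBEGIN:VEVENT\r\n"
        f"ATTACH:CID:{folded}\r\n"
        "END:VEVENT\r\nEND:VCALENDAR\r\n"
        "--b1\r\nContent-Type: application/octet-stream\r\n"
        f"Content-ID: <{name}>\r\n\r\nx\r\n--b1--\r\n"
    ).encode()
```

Measuring the unfolded value matters because a per-line length check would miss a long name split across folded 60-character lines.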

Affected

  • IBM Lotus Domino

Response

N/A
