1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: IBM Lotus Notes Applix Viewer CVE-2011-1216

Attack: IBM Lotus Notes Applix Viewer CVE-2011-1216

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempt to a buffer overflow error in IBM Lotus Notes Applix Viewer application.

Additional Information

Autonomy KeyView Filter is a component used in multiple applications. It adds filtering, viewing, and exporting of documents to web-ready HTML or valid XML.

Autonomy KeyView is prone to a stack-based buffer-overflow vulnerability when processing tag information in an Applix document.

An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious file or email attachment.

Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service condition.

NOTE: This issue was previously discussed in BID 47962 (IBM Lotus Notes Attachment Handling Multiple Buffer Overflow Vulnerabilities) but has been given its own record to better document it.

Affected

  • N/A

Response

Vendor has issued an update to fix this issue. Please see the vendor's website for further details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube