0 Replies Latest reply on Nov 28, 2007 10:19 AM by HarryWaldron

    Lotus Notes - vulnerable to attack thru "123" extension

      If the "123" extension type (Lotus 1-2-3 spreadsheet format) is not being used, this might be valuable to add to the email attachment blocking list used by Lotus Notes shops. There are some workarounds for versions 5 and 7. IBM may have a version 6 solution by the end of the month.

      http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9049439
      http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21285600

      QUOTE: Sebastián Muñiz from the CORE IMPACT Exploit Writers Team (EWT) at Core Security Technologies contacted IBM® Lotus® to report a potential keyview buffer overflow vulnerability in Lotus Notes® when viewing a Lotus 1-2-3 (.123 extension) file attachment. In specific situations it was found that the possibility exists to execute arbitrary code.

      To successfully exploit this vulnerability, an attacker would need to send a specially crafted Lotus 1-2-3 file attachment to users, and the users would then have to double-click and View the attachment.
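
A gateway-side version of the attachment blocking suggested above, as an added example that is not part of the original post. It uses Python's standard `email` package; the function names and the sample message are constructed for illustration and are not Lotus Notes or Domino configuration.

```python
import email
from email import policy
from email.message import EmailMessage

# Extension named in the post; add others your site does not use.
BLOCKED_EXTENSIONS = {".123"}


def normalized_ext(filename):
    """Lower-case extension, ignoring trailing dots and spaces.

    Windows drops trailing dots/spaces when opening a file, so a name
    like "a.123. " must be treated as ".123" by the filter.
    """
    name = filename.strip().rstrip(". ").lower()
    dot = name.rfind(".")
    return name[dot:] if dot != -1 else ""


def blocked_attachments(raw_bytes):
    """Return the filenames of all MIME parts with a blocked extension."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    hits = []
    # walk() visits every part, including nested multiparts.
    for part in msg.walk():
        # get_filename() reads Content-Disposition "filename" and falls
        # back to the Content-Type "name" parameter.
        filename = part.get_filename()
        if filename and normalized_ext(filename) in BLOCKED_EXTENSIONS:
            hits.append(filename)
    return hits


def sample_message():
    """Constructed test message: two .123 attachments and one .txt."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    for name in ("Budget.123", "notes.txt", "FORECAST.123."):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    print(blocked_attachments(sample_message()))
```

This matches on the declared filename only, so it complements the vendor workarounds and fix rather than replacing them.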