Rare bug blights Lotus Notes | The Register

Skip to content

Security:

News Tools

Reg Shops

Top Stories

Read more top stories

Related Whitepapers

How IT Management Can "Green" the Data Center
A Gartner Report
What Every E-Business Should Know about SSL Security and Consumer Trust
A Verisign Business Guide
Gartner Paper: US Data Centers
The Calm Before the Storm
SSL in High-Security Browsers
The Browser Security Revolution
The Perfect (Virtual) Marriage
Deduplication and VMware
Solution Brief: Reduce Energy Costs
With Green IT Solutions

The Register » Security » Enterprise Security »

Rare bug blights Lotus Notes

1-2-3 hack risk

By John Leyden → More by this author

Published Wednesday 28th November 2007 10:39 GMT

How IT Management Can "Green" the Data Center - Free Download

Security researchers have discovered a rare, and potentially serious, security bug in Lotus Notes. A buffer overflow flaw in IBM's groupware package enables hackers to trick users into running hostile code on vulnerable systems.

The security bug stems from boundary errors within the Lotus 1-2-3 file viewer (l123sr.dll) component. Successful exploitation of the bug involves tricking users into viewing maliciously crafted Lotus 1-2-3 attachments, designed to allow the execution of arbitrary code on vulnerable systems.

The flaws, discovered by security researchers with Core Security, affect versions 7.x and 8.x of Lotus Notes. Other versions may also be affected.

Sys admins are advised to contact IBM support for patches, as explained here. ®

Save money taking your comms online - Free live event - Register now

30 comments posted — Comment period finished

Rare bug??

Posted: 11:20 28th November 2007

As Lotus User...

Posted: 12:16 28th November 2007

I assume its rare

Posted: 12:30 28th November 2007

Hostile code...

Posted: 12:35 28th November 2007

Indeed a Rare Bug

Posted: 12:35 28th November 2007

More comments…

Track this type of story as a custom Atom/RSS feed or by email.

Related stories

IBM hopes open office is Symphony to your key-tapping fingers (19 September 2007)
Lotus leaps into social networking (25 June 2007)
McAfee upgrade plays nasty with Lotus Notes (23 January 2007)
IBM puts cash bounty on Exchange server converts (31 March 2006)
Confusion over serious Notes, Domino vulns (11 March 2003)

Post to Slashdot

Add to del.icio.us

Previous Article

From small embedded OS to the world's most used open mobile OS

whitepaper title

How IT Management Can "Green" the Data Center

This Gartner research provides managers with an outline of the trends affecting datacenters and offers strategies with which to address these changes..

whitepaper title

Gartner Paper: US Data Centers

U.S. enterprise data centers face considerable space and energy constraints over the next few years. Download this free independent report to read more..

Whitepapers
What Every E-Business Should Know about SSL Security and Consumer Trust The Evolving Security Landscape Solution Brief: Reduce Energy Costs A Green Vision: Interview with VMWare CEO Diane Greene

How IT Management Can "Green" the Data Center

A Gartner Report

Download for free NOW

Top 20 stories • All The Week’s Headlines • Archive • Search