Security:
News ToolsReg Shops |
Rare bug blights Lotus Notes1-2-3 hack riskPublished Wednesday 28th November 2007 10:39 GMT Security researchers have discovered a rare, and potentially serious, security bug in Lotus Notes. A buffer overflow flaw in IBM's groupware package enables hackers to trick users into running hostile code on vulnerable systems. The security bug stems from boundary errors within the Lotus 1-2-3 file viewer (l123sr.dll) component. Successful exploitation of the bug involves tricking users into viewing maliciously crafted Lotus 1-2-3 attachments, designed to allow the execution of arbitrary code on vulnerable systems. The flaws, discovered by security researchers with Core Security, affect versions 7.x and 8.x of Lotus Notes. Other versions may also be affected. Sys admins are advised to contact IBM support for patches, as explained here. ® 30 comments posted — Comment period finished Rare bug??Posted: 11:20 28th November 2007 As Lotus User...Posted: 12:16 28th November 2007 I assume its rarePosted: 12:30 28th November 2007 Hostile code...Posted: 12:35 28th November 2007 Indeed a Rare BugPosted: 12:35 28th November 2007
Track this type of story as a custom Atom/RSS feed or by email.
|
|
Top 20 stories • All The Week’s Headlines • Archive • Search