Skip to main content

IBM Lotus Notes File Viewer for Excel Code Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 26 Aug 2009 5372 Views

RISK: Medium Risk

A vulnerability has been identified in IBM Lotus Notes, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error in the File Viewer for Excel (xlssr.dll) when processing a malformed XLS document, which could be exploited by attackers to crash an affected application or execute arbitrary code by tricking a user into double-clicking a specially crafted attachment and selecting "View".


Impact

  • Remote Code Execution

System / Technologies affected

  • IBM Lotus Notes versions 8.5.x
  • IBM Lotus Notes versions 8.0x
  • IBM Lotus Notes versions 7.x
  • IBM Lotus Notes versions 6.x
  • IBM Lotus Notes versions 5.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.



Vulnerability Identifier


Source


Related Link