Skip to main content

IBM Lotus Notes File Viewers Multiple Vulnerabilities

Last Update Date: 26 May 2011 10:05 Release Date: 26 May 2011 6917 Views

RISK: High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Multiple vulnerabilities have been identified in IBM Lotus Notes, which can be exploited by malicious people to compromise a user's system.

  1. An error within xlssr.dll when parsing a Binary File Format (BIFF) record in an Excel spreadsheet can be exploited to cause a heap-based buffer overflow.
  2. An unspecified error within lzhsr.dll when parsing LZH file format can be exploited to cause a buffer overflow.
  3. An unspecified error within rtfsr.dll when parsing RTF file format can be exploited to cause a buffer overflow.
  4. An unspecified error within mw8sr.dll when parsing certain Microsoft Office Documents can be exploited to cause a buffer overflow.
  5. An unspecified error within assr.dll when parsing Applix Spreadsheets can be exploited to cause a buffer overflow.
  6. An unspecified error within kpprzrdr.dll when parsing Lotus Notes .prz file format can be exploited to cause a buffer overflow.
  7. An unspecified error within kvarcve.dll when parsing Lotus Notes .zip file format can be exploited to cause a buffer overflow.

Impact

  • Remote Code Execution

System / Technologies affected

  • IBM Lotus Notes versions 8.0 and 8.5

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link