IBM Lotus Notes TagAttributeListCopy Remote Buffer Overflow Vulnerability
BID:26200
Info
IBM Lotus Notes TagAttributeListCopy Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 26200 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-4222 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 24 2007 12:00AM |
| Updated: | Oct 25 2007 09:36PM |
| Credit: | UVInc. is credited with the discovery of this vulnerability. |
| Vulnerable: |
IBM Lotus Notes 7.0.2 IBM Lotus Notes 7.0.1 IBM Lotus Notes 6.5.3 IBM Lotus Notes 6.5.1 |
| Not Vulnerable: |
IBM Lotus Notes 7.0.3 IBM Lotus Notes 8.0 |
Discussion
IBM Lotus Notes TagAttributeListCopy Remote Buffer Overflow Vulnerability
IBM Lotus Notes is prone to a buffer-overflow vulnerability because the application fails to adequately perform boundary checks on user-supplied data. This issue occurs in the 'nnotes.dll' dynamic linked library.
Successfully exploiting this issue could allow attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a denial-of-service condition.
IBM Lotus Notes is prone to a buffer-overflow vulnerability because the application fails to adequately perform boundary checks on user-supplied data. This issue occurs in the 'nnotes.dll' dynamic linked library.
Successfully exploiting this issue could allow attackers to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a denial-of-service condition.
Exploit / POC
IBM Lotus Notes TagAttributeListCopy Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected]
Solution / Fix
IBM Lotus Notes TagAttributeListCopy Remote Buffer Overflow Vulnerability
Solution:
The vendor released updates to address this issue. Please see the references for more information.
Solution:
The vendor released updates to address this issue. Please see the references for more information.
References
IBM Lotus Notes TagAttributeListCopy Remote Buffer Overflow Vulnerability
References:
References: