Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Notes file viewer vulnerabilities - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Notes file viewer vulnerabilities

IBM released a technote titled: "Potential security vulnerabilities in Lotus Notes file viewers for Applix Presents, Folio Flat File, HTML speed reader, KeyView and MIME".

The vulnerabilites center around attached files of many types:

  • Text mail (MIME)
  • HTML speed reader (.htm)
  • Applix Presents (.ag)
  • Folio Flat File (.fff)
  • KeyView document viewing engine

Workarounds and on demand patches are available. Secunia (who reported the vulnerability to IBM) has an advisory on the same subject as well.

--
Swa Frantzen -- Gorilla Security

Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!