Intrusion Prevention

IBM.Lotus.Notes.HTML.Message.Handling.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer overflow vulnerability in IBM Lotus Notes.
The vulnerability is due to a flaw in the "TagAttributeListCopy" function in "nnotes.dll". A remote attacker may exploit this to execute arbitrary code.

Affected Products

IBM Lotus Notes 7.0.2
IBM Lotus Notes 7.0.1
IBM Lotus Notes 6.5.3
IBM Lotus Notes 6.5.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to IBM Lotus Notes 7.0.3

CVE References

CVE-2007-4222