Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Lotus_domino_web_server | Ibm | 6.0 (including) | 6.0 (including) |
| Lotus_notes_client | Ibm | 6.0 (including) | 6.0 (including) |
References
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html
- http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2
- http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2
- http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2
- http://www-1.ibm.com/support/docview.wss?uid=swg21104543
- http://www.cert.org/advisories/CA-2003-11.html
- http://www.ciac.org/ciac/bulletins/n-065.shtml
- http://www.kb.cert.org/vuls/id/571297
- http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt
- http://www.securityfocus.com/bid/6872
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11339
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0082.html
- http://marc.info/?l=bugtraq\u0026m=104550124032513\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=104550335103136\u0026w=2
- http://marc.info/?l=ntbugtraq\u0026m=104558778131373\u0026w=2
- http://marc.info/?l=ntbugtraq\u0026m=104558778331387\u0026w=2
- http://www-1.ibm.com/support/docview.wss?uid=swg21104543
- http://www.cert.org/advisories/CA-2003-11.html
- http://www.ciac.org/ciac/bulletins/n-065.shtml
- http://www.kb.cert.org/vuls/id/571297
- http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt
- http://www.securityfocus.com/bid/6872
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11339