Lotus Notes Attachment Viewer UUE file buffer overflow

Added: 02/21/2006
CVE: CVE-2005-2618
BID: 16576
OSVDB: 23065

Lotus Notes is the client for Lotus Domino servers.

A buffer overflow in the attachment viewer in the Lotus Notes e-mail client allows command execution when a user opens a specially crafted UUE file.

Upgrade to version 6.5.5 or 7.0.1 or higher.

Exploit works on Lotus Notes 6.5.4. This exploit sends an e-mail to the specified address and requires the user to view the attachment.