Lotus Notes XLS viewer malformed BIFF record heap overflow Vulnerability
The information has been provided by Pablo Santamaria, Oren Isacson and Nadia Rodriguez.
The original article can be found at: http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow
Vulnerable versions:
* IBM Lotus Notes 8.5.2
* IBM Lotus Notes 8.5.1
* IBM Lotus Notes 8.0.x
* IBM Lotus Notes 7.x
* IBM Lotus Notes 6.x
* IBM Lotus Notes 5.x
Non-vulnerable versions:
* Lotus Notes 8.5.2 Fix Pack 2 [Interim Fix 1]
* Lotus Notes 8.5.2 Fix Pack 3
* Lotus Notes 8.5.3
A memory corruption vulnerability in the Lotus Notes client application can be leveraged to execute arbitrary code on vulnerable systems by enticing users to open specially crafted spreadsheet files with the .XLS extension. The vulnerability arises from improper parsing of a BIFF record. This vulnerability could be used by a remote attacker to execute arbitrary code with the privileges of the user that opened the malicious file.
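A length-validating walk over BIFF records, as an added example that is not part of the advisory or of the Lotus Notes viewer code. The advisory does not say which record or field is mishandled, so the 64-byte buffer `REC_CAP`, the function names and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { BIFF_OK = 0, BIFF_TRUNCATED_HEADER = -1,
       BIFF_LEN_PAST_END = -2, BIFF_LEN_OVER_CAP = -3 };

#define REC_CAP 64 /* hypothetical fixed-size destination buffer */

/* Constructed samples: two well-formed records, then the same stream
 * followed by a record that declares 0x7FFF bytes but carries one. */
static const uint8_t sample_ok[]  = { 0x09,0x08,0x04,0x00, 0x00,0x06,0x05,0x00,
                                      0x0A,0x00,0x00,0x00 };
static const uint8_t sample_bad[] = { 0x09,0x08,0x04,0x00, 0x00,0x06,0x05,0x00,
                                      0xFD,0x00,0xFF,0x7F, 0x41 };

static uint16_t rd16le(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Each BIFF record is a 2-byte type, a 2-byte length, then `length` data
 * bytes (little-endian). The declared length is attacker-controlled, so it
 * is checked against the bytes remaining and against the destination
 * capacity before any copy. On error *bad_off is the offending record. */
int biff_walk(const uint8_t *buf, size_t n, size_t *count, size_t *bad_off)
{
    uint8_t body[REC_CAP];
    size_t off = 0;
    *count = 0;
    while (off < n) {
        *bad_off = off;
        if (n - off < 4) return BIFF_TRUNCATED_HEADER;
        uint16_t len = rd16le(buf + off + 2);
        if (len > n - off - 4) return BIFF_LEN_PAST_END;  /* would read past input */
        if (len > sizeof body) return BIFF_LEN_OVER_CAP;  /* would overflow body[] */
        memcpy(body, buf + off + 4, len);                 /* safe only after both checks */
        off += 4 + (size_t)len;
        (*count)++;
    }
    return BIFF_OK;
}

int main(void)
{
    size_t c, b;
    printf("ok:  rc=%d\n", biff_walk(sample_ok, sizeof sample_ok, &c, &b));
    printf("bad: rc=%d at offset %zu\n",
           biff_walk(sample_bad, sizeof sample_bad, &c, &b), b);
    return 0;
}
```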
IBM has issued a security alert describing fixes and workarounds for this vulnerability.
The technical note is available at:
As a workaround, disable the viewer as described in the ‘Options to disable viewers within Lotus Notes’ section of the IBM technical note.
Date published: 2011-05-24
Date of last update: 2011-05-24