Forbidden Web

Apr 09, 2008 IBM Lotus Notes Vulnerabilities
IBM has released Technote 1298453 to address multiple vulnerabilities in Lotus Notes. These vulnerabilities are due to improper handling of the following file types:
  • Applix Presents (.ag)
  • Folio Flat File (.fff)
  • HTML speed reader (.htm)
  • KeyView document viewing engine
  • Text mail (MIME)
By convincing a user to open a specially crafted file attachment, an attacker may be able to execute arbitrary code.

US-CERT encourages users to review IBM Technote 1298453 and apply the appropriate updates or workarounds.