| May 22, 2008 |
IBM Lotus Sametime Vulnerability IBM has released a Technote to address a vulnerability in Lotus Sametime. This vulnerability is due to an error in the way long URLs are processed within the Community Services Multiplexer (StMux.exe). By sending a specially crafted URL, an attacker may be able to cause a stack-based buffer overflow and execute arbitrary code. US-CERT encourages users to review the IBM Technote "Potential stack overflow vulnerability with IBM Lotus Sametime Community Services multiplexer (MUX)" and apply any necessary updates or workarounds. |