Lotus Domino Cross Site Scripting and Buffer Overflows

At least two injection attack vectors have been discovered in IBM’s Lotus Domino Web Servers versions 6.x, 7.x and 8.x. These can lead to a stack based buffer overflow which may allow remote code execution and Cross Site Scripting attacks that can allow the execution of arbitrary HTML and script code. We recommend that you update your web servers as is appropriate.

The original advisories can be viewed at:



Lotus Notes Multiple Keyview Parsing Vulnerabilities

Vulnerabilities in various third-party file viewing applications can leave systems using Lotus Notes open to compromise. In specific situations, specially crafted files can allow for the execution of arbitrary code. Lotus Notes versions 7.0.3 and 8.0 are known to be vulnerable, other versions may also have issues. The file types that can be used to leverage this vulnerability are:
 Applix Presents (.ag)
 Folio Flat File (.fff)
 HTML speed reader (.htm)
 KeyView document viewing engine
 Text mail (MIME)

These issues were originally discovered by the Secunia Research team. More information can be found at: http://secunia.com/advisories/28210

IBM’s response, including remediation suggestions is available at: http://www.ibm.com/support/docview.wss?rs=463&uid=swg21298453