IBM Lotus Domino Accept Language Stack Overflow Advisory
- Published: 20 May 2008
IBM Lotus Domino “Accept Language” Stack Overflow Advisory
CVE-2008-2240
Share
Type
- IBM Lotus Domino “AcceptLanguage” Stack Overflow
Severity
- High
Affected products
- IBM Lotus Domino Web Server
Date
- 2008-05-20
CVE Reference
- CVE-2008-2240
MWR InfoSecurity published an advisory today relating to a stack based buffer overflow vulnerability in IBM Lotus Domino Web Server which can be exploited remotely.
The vulnerability would enable an attacker to execute arbitrary code on the system in the majority of installations this will be with local SYSTEM privileges.
Users should upgrade to the latest secure version of the product by applying the appropriate vendor provided security fix. The versions not affected by this issue are Lotus Domino 7.0.3 FixPack 1 (FP1) and 8.0.1. Information about the location of updated packages can be discovered at the following location: http://www.ibm.com/support/docview.wss?rs=463&uid=swg21303057