Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist


IBM Notes PNG Integer Overflow

Disclosed May 7, 2013    Fully Patched

Vulnerability Description:

IBM Notes contains an integer overflow vulnerability in its parsing of maliciously crafted PNG images, which may be embedded within an email message. The only user interaction required is viewing an email that contains the malicious PNG; the image does not need to be opened or saved separately. Successful exploitation may allow a remote attacker to execute arbitrary code within the security context of the currently logged on user.
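The advisory does not describe the specific arithmetic that overflows inside IBM Notes, so the following is an added, generic illustration of the bug class rather than IBM's code: a minimal PNG IHDR reader whose buffer-size computation wraps in 32-bit arithmetic, alongside a hardened version of the same computation. The function names, the zeroed CRC in the constructed sample header, and the MAX_IMAGE_BYTES policy limit are all assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Added example of a PNG integer overflow, not code from IBM Notes. */

#define PNG_SIG_LEN 8
static const uint8_t PNG_SIG[PNG_SIG_LEN] = {0x89, 'P', 'N', 'G', 0x0d, 0x0a, 0x1a, 0x0a};

/* Arbitrary policy limit on decoded image size (an assumption, not a PNG rule). */
#define MAX_IMAGE_BYTES (256u * 1024u * 1024u)

typedef struct {
    uint32_t width, height;
    uint8_t bit_depth, color_type;
} ihdr_t;

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

static void put32(uint8_t *p, uint32_t v) {
    p[0] = v >> 24; p[1] = v >> 16; p[2] = v >> 8; p[3] = v;
}

/* Samples per pixel for each PNG colour type; 0 = invalid type. */
static unsigned channels(uint8_t color_type) {
    switch (color_type) {
        case 0: return 1;  /* greyscale */
        case 2: return 3;  /* RGB */
        case 3: return 1;  /* palette index */
        case 4: return 2;  /* greyscale + alpha */
        case 6: return 4;  /* RGBA */
        default: return 0;
    }
}

/* Build a constructed PNG prefix (signature + IHDR chunk, CRC zeroed) for testing. */
size_t build_sample_png(uint8_t *buf, uint32_t w, uint32_t h, uint8_t depth, uint8_t ct) {
    memcpy(buf, PNG_SIG, PNG_SIG_LEN);
    uint8_t *c = buf + PNG_SIG_LEN;
    put32(c, 13);                      /* IHDR data length */
    memcpy(c + 4, "IHDR", 4);
    put32(c + 8, w);
    put32(c + 12, h);
    c[16] = depth; c[17] = ct;
    c[18] = 0; c[19] = 0; c[20] = 0;   /* compression, filter, interlace */
    memset(c + 21, 0, 4);              /* CRC: this reader does not validate it */
    return PNG_SIG_LEN + 8 + 13 + 4;   /* 33 bytes */
}

/* Parse signature + IHDR. Returns 0 on success, -1 on malformed input. */
int parse_ihdr(const uint8_t *buf, size_t len, ihdr_t *out) {
    if (len < PNG_SIG_LEN + 8 + 13 + 4) return -1;
    if (memcmp(buf, PNG_SIG, PNG_SIG_LEN) != 0) return -1;
    const uint8_t *c = buf + PNG_SIG_LEN;
    if (be32(c) != 13 || memcmp(c + 4, "IHDR", 4) != 0) return -1;
    out->width = be32(c + 8);
    out->height = be32(c + 12);
    out->bit_depth = c[16];
    out->color_type = c[17];
    return 0;
}

/* VULNERABLE pattern: the 32-bit multiply wraps, so a huge image yields a tiny
 * allocation; the decoder then writes whole rows past the end of that buffer. */
uint32_t image_bytes_unchecked(const ihdr_t *h) {
    uint32_t bpp = (uint32_t)h->bit_depth * channels(h->color_type) / 8;
    return (h->width * bpp + 1) * h->height;   /* +1 = per-row filter byte */
}

/* HARDENED: validate every field, compute in 64 bits, check the multiply, cap the result. */
int image_bytes_checked(const ihdr_t *h, size_t *out) {
    unsigned ch = channels(h->color_type);
    uint8_t d = h->bit_depth;
    if (ch == 0 || !(d == 1 || d == 2 || d == 4 || d == 8 || d == 16)) return -1;
    if (h->width == 0 || h->height == 0) return -1;
    if (h->width > 0x7fffffffu || h->height > 0x7fffffffu) return -1;  /* PNG spec limit */
    uint64_t row = ((uint64_t)h->width * d * ch + 7) / 8 + 1;  /* < 2^35, fits in 64 bits */
    if (row > UINT64_MAX / h->height) return -1;                /* would wrap */
    uint64_t total = row * h->height;
    if (total > MAX_IMAGE_BYTES) return -1;                     /* also guarantees it fits size_t */
    *out = (size_t)total;
    return 0;
}

int main(void) {
    uint8_t buf[64];
    ihdr_t h;
    size_t safe_len;
    /* Constructed hostile header: 2^30 x 2 pixels, 8-bit RGBA = 8 GiB of pixel data. */
    size_t n = build_sample_png(buf, 0x40000000u, 2, 8, 6);
    if (parse_ihdr(buf, n, &h) != 0) return 1;
    printf("unchecked allocation: %u bytes\n", image_bytes_unchecked(&h));
    printf("checked: %s\n", image_bytes_checked(&h, &safe_len) == 0 ? "accepted" : "rejected");
    return 0;
}
```

With the hostile header, width * bytes-per-pixel is exactly 2^32 and wraps to 0, so the unchecked version asks for a 2-byte buffer for an image whose rows are over 4 GiB each; the checked version rejects the header before any allocation happens. This is the shape of bug an attacker targets with an embedded image that the mail client decodes automatically on view.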

Vendors:

IBM

Vulnerable Software/Devices:

IBM Notes (formerly IBM Lotus Notes) for UNIX/Linux:
Version 9.x
Version 8.x

Vulnerability Severity:

High

Exploit Availability:

N/A

Exploit Impact:

Remote Code Execution

Exploitation of this vulnerability is possible by convincing a user to view an email containing a maliciously crafted PNG. Remote attackers who successfully exploit this vulnerability will be able to execute code on the vulnerable system with the same rights as the currently logged on user.

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner detects this vulnerability with the following audit:

  • 19074 - IBM Notes PNG Integer Overflow (20130506) - UNIX/Linux

Mitigation:

Avoid opening untrusted emails, or emails from trusted sources that arrive unexpectedly. At the time of writing there was no patch available for UNIX/Linux clients; a patch was available for Windows and Mac OS X clients. The vendor recommends disabling JavaScript within IBM Notes to make this vulnerability more difficult to exploit. Note that this is a hardening step, not a fix: the PNG parsing flaw remains present until the UNIX/Linux client is patched.

Links:

CVE(s):

None
