[security-alerts] FW: [SA27871] Symantec Mail Security Lotus 1-2-3 File Viewer Buffer Overflows

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> ----------------------------------------------------------------------
>
> TITLE:
> Symantec Mail Security Lotus 1-2-3 File Viewer Buffer Overflows
>
> SECUNIA ADVISORY ID:
> SA27871
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/27871/
>
> CRITICAL:
> Highly critical
>
> IMPACT:
> DoS, System access
>
> WHERE:
> From remote
>
> OPERATING SYSTEM:
> Symantec Mail Security Appliance 5.0.x
> http://secunia.com/product/14636/
>
> SOFTWARE:
> Symantec Mail Security for Domino 7.x
> http://secunia.com/product/16341/
> Symantec Mail Security for Exchange 4.x
> http://secunia.com/product/2820/
> Symantec Mail Security for Microsoft Exchange 5.x
> http://secunia.com/product/6650/
> Symantec Mail Security for SMTP 4.x
> http://secunia.com/product/3558/
> Symantec Mail Security for SMTP 5.x
> http://secunia.com/product/13591/
>
> DESCRIPTION:
> Some vulnerabilities have been reported in Symantec Mail Security,
> which can be exploited by malicious people to compromise a vulnerable
> system.
>
> The vulnerabilities are caused due to various errors within the
> third-party Lotus 1-2-3 file viewer and can be exploited to cause
> buffer overflows when a specially crafted file is checked.
>
> For more information:
> SA27849
>
> Successful exploitation allows execution of arbitrary code, but
> requires that e.g. a policy is setup for scanning the contents of
> messages.
>
> The vulnerabilities are confirmed in Symantec Mail Security for SMTP
> version 5.0.1 with Patch 187. Other versions may also be affected.
>
> SOLUTION:
> Disable scanning of message content if enabled.
>
> PROVIDED AND/OR DISCOVERED BY:
> Originally reported in IBM Lotus Notes by Sebasti?n Mu?iz, CORE
> IMPACT Exploit Writers Team.
>
> OTHER REFERENCES:
> SA27849:
> http://secunia.com/advisories/27849/
>
>