Name:
IBM.Lotus.Sametime.StMux.EXE.Stack.Overflow
Released Date:
May 23 2008
Severity:
high
CVE:
2008-2499
Bugtraq:
29328

FortiGuard Center > Vulnerability Encyclopedia


In-Depth Analysis

Description
This indicates an attempt to exploit a buffer-overflow vulnerability in IBM Lotus Sametime.

The IBM Lotus Sametime application contains a stack-based buffer-overflow vulnerability that is triggered when processing malformed HTTP requests. Successful exploitation could make it possible for remote attackers to execute arbitrary code or crash a vulnerable system.
 
Impact
System Compromise
Denial of Service
 
Affected Products
IBM Lotus Sametime 7.5.1
IBM Lotus Sametime 8.0
IBM Lotus Sametime 7.5
IBM Lotus Sametime 7.0
Aliases
References
http://www.securityfocus.com/bid/29328
http://www.frsirt.com/english/advisories/2008/1595
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2499
http://www.zerodayinitiative.com/advisories/ZDI-08-028/
Recommended Actions
Apply the most recent upgrades or patches from IBM. Please refer to the following page for more details:

http://www.ibm.com/support/docview.wss?rs=463&uid=swg21303920

 
 
SITE MAP  |  LEGAL NOTICES

      © 2003 FORTINET INC. ALL RIGHTS RESERVED