PT-2010-4797 · IBM · IBM Lotus Domino

A. Plaskett · Published 2010-09-16 · Updated 2018-10-10 · CVE-2010-3407

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

IBM Lotus Domino versions 8.0.x through 8.0.2 FP4
IBM Lotus Domino versions 8.5.x through 8.5.1 FP1

Description

A stack-based buffer overflow exists in the MailCheck821Address function. It is triggered when the nrouter.exe service processes an iCalendar calendar-invitation e-mail message with a long e-mail address in the ORGANIZER:mailto header, allowing remote attackers to execute arbitrary code.

Recommendations

For IBM Lotus Domino versions 8.0.x through 8.0.2 FP4, update to version 8.0.2 FP5 or later.
For IBM Lotus Domino versions 8.5.x through 8.5.1 FP1, update to version 8.5.1 FP2 or later.

Exploit

Fix

RCE

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2010-3407

Affected Products

IBM Lotus Domino