CVE-2010-5204

Name of the Vulnerable Software and Affected Versions IBM Lotus Symphony version 1.3.0 20090908.0900

Description The issue allows local users to gain privileges via a Trojan horse eclipse 1114.dll or emser645mi.dll file in the current working directory. This can be demonstrated by a directory that contains a file with certain extensions, such as .odm, .odt, .otp, .stc, .stw, .sxg, or .sxw.

Recommendations For IBM Lotus Symphony version 1.3.0 20090908.0900, consider removing or restricting access to the eclipse 1114.dll and emser645mi.dll files to minimize the risk of exploitation. Additionally, avoid executing files from untrusted directories to reduce the risk of privilege escalation. At the moment, there is no information about a newer version that contains a fix for this issue.