- New vulnerabilities in IBM Lotus Notes -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, September 11, 2006 - Two new vulnerabilities have been reported
in IBM Lotus Notes. The first of these allows erroneous sending of
emails, while the second could allow remote execution of code.

The first of these problems occurs when a user responds to an email
message in which identical user names have been included in the "To:"
and "Cc:" fields, which could mean that the values in the AltCopyTo and
INetCopyTo fields are out of sync with the CopyTo field. As a result,
messages could be incorrectly addressed.

This only occurs if the "Default display name" preference is configured
to "Display alternate names."

IBM will shortly release updates to prevent the problem in versions 6.5x
and 7.0x. Until then, the IBM advisory at
http://www-1.ibm.com/support/docview.wss?rs=475&uid=swg21243602 includes
a workaround to correct the affected template.

The second problem in IBM Lotus Notes, which could allow remote
execution of arbitrary code, lies in a buffer overflow in dunzip32.dll
that occurs when a specially modified zip file is processed.

The IBM advisory and the necessary updates are available at
http://www-1.ibm.com/support/docview.wss?rs=899&uid=swg21229932