# Lotus Notes can be hacked by e-mail



## Glaswegian (Sep 16, 2005)

IBM's Lotus Notes messaging software can be compromised by a single maliciously crafted email, according to researchers at Core Security Technologies.

There is a vulnerability in in Autonomy KeyView, software used by Lotus Notes to process Lotus 1-2-3 files, they said. Core's researchers found that when they opened a specially crafted Lotus 1-2-3 email attachment in Lotus Notes, they could run unauthorised software on the PC.

Although details of the flaw have not been published, and it has not been picked up by criminals, a determined attacker could easily write attack code, said Ivan Arce, chief technology officer with Core. That's because there are already a number of known KeyView bugs, so exploit code for similar flaws can easily be found. 


http://www.techworld.com/security/news/index.cfm?RSS&NewsID=10772


----------

