Lotus Notes URI Handler Argument Injection Vulnerability
Jouko Pynnonen, in association with iDEFENSE, reported a vulnerability in the Lotus Notes 6.x client that may allow an attacker to execute malicious code on the user's workstation under certain circumstances.
The iDEFENSE advisory address is as follows:
The Notes URI handler fails to properly filter input when a web browser activates the Notes client by clicking on a Notes URI.
This issue was reported to IBM Lotus software Quality Engineering and has been resolved in Notes 6.0.4 and 6.5.2. For information on obtaining these latest releases of Lotus Notes, refer to "Lotus Notes and Lotus Domino 6.x Maintenance Releases (MRs)" (#4007057). This issue does not occur in Notes R5 or 4.6x releases.
This exploit can be prevented if the use of Internet shares is restricted via firewall configuration or registry settings. It will also fail if the Notes client is already running on the user's workstation.
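The following is an added illustration of the defensive side of the bug class described above (a URI handler that splices browser-supplied input into a command line without filtering it), not IBM's or Lotus Notes' code, and it does not describe how the real Notes URI handler works or was fixed. The scheme name, the `notes.exe` executable name, the `--` end-of-options marker and the validation rules are assumptions chosen for illustration. The validator accepts only a plain host plus path segments, rejects whitespace, control characters, backslashes (which is where a UNC path to a network share would otherwise enter), switch-like segments and traversal segments, and builds the launch command as an argv list so the locator can never be split into extra arguments.

```python
"""Hardening a custom URI-scheme handler against argument injection.

Added example; not Lotus Notes code. Scheme name, executable name and the
'--' marker are assumptions for illustration only.
"""
import re
from urllib.parse import urlsplit, unquote

SCHEME = "notes"  # assumed scheme name for illustration

# netloc must be a bare hostname: no userinfo, no port, no backslashes.
_HOST = re.compile(
    r"^[A-Za-z0-9](?:[A-Za-z0-9\-]{0,61}[A-Za-z0-9])?"
    r"(?:\.[A-Za-z0-9](?:[A-Za-z0-9\-]{0,61}[A-Za-z0-9])?)*$"
)
# One decoded path segment: letters, digits, dot, underscore, tilde only.
_SEGMENT = re.compile(r"^[A-Za-z0-9._~]+$")


class UriRejected(ValueError):
    """Raised when a URI fails validation; the handler should exit without launching."""


def parse_uri(uri):
    """Split and validate a custom-scheme URI, returning (host, segments)."""
    # Check the raw string first: urlsplit() silently strips some whitespace
    # and control characters, which would hide an injection attempt.
    if any(ord(c) < 0x20 or c in " \x7f" for c in uri):
        raise UriRejected("control character or whitespace in URI")
    parts = urlsplit(uri)
    if parts.scheme.lower() != SCHEME:
        raise UriRejected(f"unexpected scheme {parts.scheme!r}")
    if parts.query or parts.fragment:
        raise UriRejected("query and fragment are not accepted")
    host = parts.netloc
    if not _HOST.match(host):
        raise UriRejected(f"bad host {host!r}")
    # Decode each segment separately so %20 or %2D cannot smuggle a space
    # or a leading dash past the checks below.
    segments = [unquote(s) for s in parts.path.split("/") if s]
    if not segments:
        raise UriRejected("empty path")
    for seg in segments:
        if seg in (".", "..") or seg.startswith("-") or not _SEGMENT.match(seg):
            raise UriRejected(f"bad path segment {seg!r}")
    return host, segments


def is_accepted(uri):
    """True if the URI passes validation, False if it would be rejected."""
    try:
        parse_uri(uri)
    except UriRejected:
        return False
    return True


def build_argv(uri, client_exe="notes.exe"):
    """Return the argv list the handler would launch.

    List form (never a joined string) means the locator is always exactly
    one argument however it is spelled; the '--' marker is an assumed
    end-of-options convention, not a documented Notes switch.
    """
    host, segments = parse_uri(uri)
    locator = host + "/" + "/".join(segments)
    return [client_exe, "--", locator]


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate locator, three hostile ones.
    for sample in (
        "notes://server.example.com/db.nsf",
        "notes://server.example.com/db.nsf%20-dirs",
        "notes://server.example.com/\\\\fileserver\\share\\payload.nsf",
        "notes://server.example.com/../../other.nsf",
    ):
        print(sample, "->", "accepted" if is_accepted(sample) else "rejected")
```

The key design points are that validation happens on the raw string before the URL parser normalises it, that every path segment is percent-decoded and checked individually, and that the child process receives an argv list rather than a formatted command string, so a crafted URI cannot append switches or a share path as additional arguments.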