Does Microsoft Security Bulletin MS04-028: "Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)" affect IBM Lotus Customers?

Technote (FAQ)


Question

Does Microsoft Security Bulletin MS04-028: "Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)" affect IBM Lotus software Customers?

Answer

Customers who use Microsoft Internet Explorer to access IBM Lotus software products, such as Domino Web Access, Team Workplace (QuickPlace), or Domino Web applications or use it as a browser option within the Lotus Notes client should follow Microsoft's upgrade recommendations for Internet Explorer.

IBM Lotus software does not ship the vulnerable file, gdiplus.dll, with any software product. Therefore, Lotus software products are not directly affected by the vulnerability.

Email messages containing JPEG in-line images are not affected. Email messages containing JPEG images as attachments viewed with the Notes viewer are also not affected. However, email messages containing JPEG images as attachments that are opened in Internet Explorer or viewed with the default Windows JPEG viewer (by right-clicking the attachment and selecting Open) may be vulnerable. Customers should follow Microsoft's recommendations for Internet Explorer and the default Windows JPEG viewer.



    Cross Reference information
    Segment Product Component Platform Version Edition
    Messaging Applications Lotus End of Support Products Lotus QuickPlace
    Messaging Applications Lotus End of Support Products Lotus Domino Web Access
    Messaging Applications Lotus End of Support Products Lotus Notes

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Lotus End of Support Products
Lotus Domino Server

Software version:

5.0, 6.0, 6.5

Operating system(s):

AIX, Linux, Solaris, Windows, i5/OS, z/OS

Reference #:

1180145

Modified date:

2004-09-29

Translate my page

Machine Translation

Content navigation