GBS has acknowledged a vulnerability in multiple iQ.Suite products, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
The vulnerability is caused due to the software bundling a vulnerable Outside In library.
For more information see vulnerability #10 in: SA49936
NOTE: This vulnerability only affects installations using iQ.Suite Wall or iQ.Suite Convert to perform content analysis or to convert attachments to PDF.
The vulnerability is reported in the following products and versions:
* iQ.Suite for Lotus Domino 8/8.5 versions 14.1.2 and prior and 13.3.1 and prior running on Windows 2003/2008 (32- and 64-bit), Red Hat Enterprise Linux 4, SUSE Linux Enterprise Server 8 and later, IBM AIX 5.2 and later, and Oracle Solaris 9 and later.
* iQ.Suite for Microsoft Exchange versions prior to 10.1.3 and prior to 9.3.1 running on Microsoft Exchange 2003, 2007, and 2010.
* iQ.Suite for Microsoft Windows Server 2003/2008 (32- and 64-bit) versions prior to 10.1.3 and prior to 9.3.1.
Solution: Apply patch or update (please see the vendor's advisory for details).
Provided and/or discovered by: Originally reported by Will Dormann, CERT/CC in Oracle Outside In.
Original Advisory: GBS (German):
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: GBS iQ.Suite Multiple Products Outside In Library Unspecified Vulnerability
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.