Symantec mail security gateways have a problem when it comes to scanning Lotus 1-2-3 files. Here is the write up from Secunia.
Description:
Some vulnerabilities have been reported in Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system.The vulnerabilities are caused due to various errors within the third-party Lotus 1-2-3 file viewer and can be exploited to cause buffer overflows when a specially crafted file is checked.
Successful exploitation allows execution of arbitrary code, but requires that e.g. a policy is setup for scanning the contents of messages.
The vulnerabilities are confirmed in Symantec Mail Security for SMTP version 5.0.1 with Patch 187. Other versions may also be affected.
Solution:
Disable scanning of message content if enabled.
[tags]Symantec, Symantec Buffer Overflow, Symantec Mail Security Vulnerability[/tags]