The Lotus iNotes ActiveX control, which is used to read e-mail within a browser, contains a flaw that can result in a buffer overflow.

"This could be exploited by an attacker to infect an iNotes user with spyware on visiting a crafted web page," according to The H Security.

"Lotus iNotes, previously known as Lotus Domino Web Access, provides Notes users with web access to their email accounts," the article states. "To achieve this, it installs an ActiveX control which remains active once used and can then be called by any web site. It thus represents a potential target for attack."

Click here to read the article at The H Security.