T 5.100 Abuse of active contents on access to Lotus Notes/Domino

In Notes/Domino, it is possible to define active components which are executed following the occurrence of certain events such as the input of data into a particular field. The active components here could be LotusScript or Java programs, for example, and are also known as agents. Execution of one agent can in turn trigger other agents (e.g. if an agent copies data to another database and this action triggers the execution of agents in the target database). Generally it is possible to distinguish between server-side and client-side execution of agents, but both variants are possible.

Furthermore, active content can be executed in Lotus Notes clients, in browsers used which have access to Lotus Domino or in external clients.

Consequently, there is the possibility of an attack to the Lotus Notes/Domino platform by smuggling in malicious active contents. In many cases, this threat materialises only in case of errors in the configuration of the Lotus Domino servers or the client used. These situations are described by the threats T 3.46 Error in the configuration of a Lotus Domino server and T 3.113 Error in the configuration of a Lotus Notes client or an external client with access to Lotus Domino.

However, even when the configuration is correct, an abuse of active contents may occur due to vulnerabilities of the script languages used or the software (see T4.22 Software vulnerabilities or errors). It is likewise possible that a cascading execution of agents causes a problem due to insufficiently modelled dependencies of active contents without an error in the configuration being the direct cause.

A special case is threat T 5.111 Misuse of active content in e-mails which describes the specific situation where harmful active content is introduced via e-mail.