Computer Security
[EN] securityvulns.ru no-pyccku


IBM Lotus iNotes / Quickr ActiveX code execution
Published:13.08.2012
Source:
SecurityVulns ID:12503
Type:client
Threat Level:
5/10
Description:dwa85W.cab / QP2.cab ActiveX buffer overflow
Affected:IBM : Lotus iNotes 8.5
 IBM : Lotus Quickr 8.2
CVE:CVE-2012-2176 (Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argument to the (1) Attachment_Times or (2) Import_Times method.)
 CVE-2012-2175 (Buffer overflow in the Attachment_Times method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long argument.)
Original documentdocumentZDI, ZDI-12-132 : IBM Lotus iNotes dwa85W ActiveX Attachment_Times Remote Code Execution Vulnerability (13.08.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod