Lucene search
Gaurav Baruah of eSecForte Technologies Pvt. LtdZDI-12-132HistoryAug 03, 2012 - 12:00 a.m.
IBM Lotus iNotes dwa85W ActiveX Attachment_Times Remote Code Execution Vulnerability
2012-08-0300:00:00
Gaurav Baruah of eSecForte Technologies Pvt. Ltd
www.zerodayinitiative.com
18
0.97 High
EPSS
Percentile
99.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus iNotes. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dwa85W.cab ActiveX control. When passing a long string argument to the Attachment_Times parameter during the control instantiation it is possible to overflow a stack buffer causing memory corruption. This can be leveraged by an attacker to execute code under the context of the user running the browser.
Related
zdt
zdt
IBM Lotus iNotes dwa85W ActiveX Buffer Overflow Vulnerability
2012-12-31 00:00:00
saint
saint
Lotus Notes iNotes Attachment_Times ActiveX Overflow
2012-08-22 00:00:00
Lotus Notes iNotes Attachment_Times ActiveX Overflow
2012-08-22 00:00:00
Lotus Notes iNotes Attachment_Times ActiveX Overflow
2012-08-22 00:00:00
cve
cve
CVE-2012-2175
2012-06-20 10:27:28
seebug
seebug
IBM Lotus iNotes Upload模块ActiveX控件缓冲区溢出漏洞
2012-06-27 00:00:00
packetstorm
packetstorm
IBM Lotus iNotes dwa85W ActiveX Buffer Overflow
2012-12-31 00:00:00
checkpoint_advisories
checkpoint_advisories
IBM Lotus iNotes dwa85W.dll ActiveX Control Buffer Overflow (CVE-2012-2175)
2012-10-14 00:00:00
nvd
nvd
CVE-2012-2175
2012-06-20 10:27:28
nessus
nessus
securityvulns
securityvulns
ZDI-12-132 : IBM Lotus iNotes dwa85W ActiveX Attachment_Times Remote Code Execution Vulnerability
2012-08-13 00:00:00
IBM Lotus iNotes / Quickr ActiveX code execution
2012-08-13 00:00:00
prion
prion
Buffer overflow
2012-06-20 10:27:00
cvelist
cvelist
CVE-2012-2175
2012-06-20 10:00:00