Lucene search
Gaurav Baruah of eSecForte Technologies Pvt. LtdZDI-12-134HistoryAug 03, 2012 - 12:00 a.m.
IBM Lotus Quickr QP2 ActiveX _Times Remote Code Execution Vulnerability
2012-08-0300:00:00
Gaurav Baruah of eSecForte Technologies Pvt. Ltd
www.zerodayinitiative.com
20
EPSS
0.765
Percentile
98.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Quickr. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the QP2.cab ActiveX control. When passing a long string argument to the Attachment_Times or Import_Times parameters during the controlβs instantiation it is possible to overflow a stack buffer causing memory corruption. This can be leveraged by an attacker to execute code under the context of the user running the browser.
Related
exploitdb
exploitdb
IBM Lotus QuickR qp2 - ActiveX Buffer Overflow (Metasploit)
2012-12-31 00:00:00
nvd
nvd
CVE-2012-2176
2012-05-25 20:55:01
saint
saint
IBM Lotus Quickr QP2 ActiveX Overflow
2012-05-31 00:00:00
IBM Lotus Quickr QP2 ActiveX Overflow
2012-05-31 00:00:00
IBM Lotus Quickr QP2 ActiveX Overflow
2012-05-31 00:00:00
cvelist
cvelist
CVE-2012-2176
2012-05-25 20:00:00
seebug
seebug
IBM Lotus Quickr 'qp2.cab' ActiveXζ§δ»Άζ ηΌε²εΊζΊ’εΊζΌζ΄
2012-05-25 00:00:00
cve
cve
CVE-2012-2176
2012-05-25 20:55:01
metasploit
metasploit
IBM Lotus QuickR qp2 ActiveX Buffer Overflow
2012-12-28 10:44:30
packetstorm
packetstorm
IBM Lotus QuickR qp2 ActiveX Buffer Overflow
2012-12-31 00:00:00
checkpoint_advisories
checkpoint_advisories
zdt
zdt
IBM Lotus QuickR qp2 ActiveX Buffer Overflow Vulnerability
2012-12-31 00:00:00
prion
prion
Stack overflow
2012-05-25 20:55:00
d2
d2
DSquare Exploit Pack: D2SEC_QP2
2012-05-25 20:55:00
securityvulns
securityvulns
IBM Lotus iNotes / Quickr ActiveX code execution
2012-08-13 00:00:00