‫ IBM Lotus iNotes Upload Module ActiveX Control Buffer Overflow Vulnerability

IRCAD2012061963
ID: IRCAD2012061963
Release Date: 2012-06-08
Criticality level: Highly critical
 
Software:
IBM Lotus iNotes 8.5.x
IBM Lotus iNotes Upload Module ActiveX Control 8.x
 
Description:
A vulnerability has been reported in IBM Lotus iNotes Upload Module ActiveX Control, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error within the dwa85W.dll module and can be exploited to cause a buffer overflow by assigning an overly long string to the "Attachment_Times" property.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in IBM Lotus iNotes 8.5.x. Prior versions may also be affected.
 
Solution
Apply Interim Fix 1 for version 8.5.3 Fix Pack 1.
 
References:
IBM:
 
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 20 خرداد 1391

امتیاز

امتیاز شما
تعداد امتیازها:0