IBM Lotus iNotes Upload Module ActiveX Control Buffer Overflow Vulnerability
RISK: High Risk
TYPE: Servers - Other Servers
A vulnerability has been identified in IBM Lotus iNotes Upload Module ActiveX Control, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error within the dwa85W.dll module and can be exploited to cause a buffer overflow by assigning an overly long string to the "Attachment_Times" property. Successful exploitation may allow execution of arbitrary code.
Impact
- Remote Code Execution
System / Technologies affected
- IBM Lotus iNotes 8.5.x
- IBM Lotus iNotes Upload Module ActiveX Control 8.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply Interim Fix 1 for version 8.5.3 Fix Pack 1.
Vulnerability Identifier
Source
Related Link
Share with