Added: 08/22/2012
CVE: CVE-2012-2175
BID: 53879
OSVDB: 82755
Lotus Notes is the client for Lotus Domino servers. iNotes is a web-based alternative to the Notes client.
The iNotes ActiveX control does not properly validate the user-supplied value of the attachment_times
parameter. A specially crafted value triggers heap corruption. A malicious website can exploit this vulnerability from JavaScript to achieve remote code execution on the target's system.
Apply the hotfix supplied by the IBM Security Bulletin.
Alternatively, the problem can be mitigated by preventing Internet Explorer from instantiating the ActiveX control (setting the kill bit for its CLSID). The CLSID of the ActiveX control is {0F2AAAE3-7E9E-4b64-AB5D-1CA24C6ACB9C}. Further instructions are available in the aforementioned IBM Security Bulletin.
<http://www-01.ibm.com/support/docview.wss?uid=swg21596862>
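The following PowerShell script is an added example, not part of the original advisory or of IBM's bulletin. It applies the kill-bit workaround using Microsoft's documented mechanism (the "Compatibility Flags" DWORD with bit 0x400 under the ActiveX Compatibility key) for the CLSID given above, on both the native and the Wow6432Node hive on 64-bit Windows, and then reports whether the bit is set. The function names and the $Paths variable are this example's own; run it from an elevated prompt.

```powershell
# Added example: set and verify the IE kill bit for the iNotes ActiveX control.
# Mechanism: HKLM\...\ActiveX Compatibility\{CLSID}\Compatibility Flags, bit 0x400
# (COMPAT_EVIL_DONT_LOAD), as documented by Microsoft (KB240797). Requires Administrator.
$Clsid   = '{0F2AAAE3-7E9E-4b64-AB5D-1CA24C6ACB9C}'   # CLSID from the advisory
$KillBit = 0x400

# Native hive, plus the 32-bit view when running on 64-bit Windows.
$Paths = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility')
if (Test-Path 'HKLM:\SOFTWARE\Wow6432Node') {
    $Paths += 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
}

function Set-KillBit {
    param([string]$BasePath, [string]$Clsid)
    $Key = Join-Path $BasePath $Clsid
    if (-not (Test-Path $Key)) {
        New-Item -Path $Key -Force | Out-Null
    }
    # Preserve any flags already present; only OR in the kill bit.
    $Current = (Get-ItemProperty -Path $Key -Name 'Compatibility Flags' `
                -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $Current) { $Current = 0 }
    New-ItemProperty -Path $Key -Name 'Compatibility Flags' `
        -Value ($Current -bor $KillBit) -PropertyType DWord -Force | Out-Null
}

function Test-KillBit {
    param([string]$BasePath, [string]$Clsid)
    $Key = Join-Path $BasePath $Clsid
    if (-not (Test-Path $Key)) { return $false }
    $Flags = (Get-ItemProperty -Path $Key -Name 'Compatibility Flags' `
              -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $Flags) { return $false }
    return (($Flags -band $KillBit) -eq $KillBit)
}

foreach ($Path in $Paths) {
    Set-KillBit -BasePath $Path -Clsid $Clsid
    $Ok = Test-KillBit -BasePath $Path -Clsid $Clsid
    Write-Output ("{0}\{1} : kill bit set = {2}" -f $Path, $Clsid, $Ok)
}
```

The kill bit blocks every version of the control with that CLSID, including a hotfixed build if IBM ships it under the same CLSID; once the hotfix from the bulletin is deployed, clear the bit (or delete the key) if iNotes attachment handling is expected to work again in Internet Explorer.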
This exploit has been tested against IBM Lotus iNotes 8.5.3 FP1 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn).
Windows