CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
98.2%
Added: 05/31/2012
CVE: CVE-2012-2176
BID: 53678
OSVDB: 82166
IBM Lotus Quickr is a team collaboration solution that provides teams with a data repository, and interfaces with Lotus Notes, Sametime, Symphony, and more.
The Lotus Quickr client installs several ActiveX controls on the client system. These controls can be accessed by any website. The Attachment_Times and Import_Times methods of the QuickPlace.QuickPlace class do not properly sanitize their parameters. Passing an overly long parameter will result in an exploitable heap overflow condition.
Upgrade to version 8.2.0.27-002a or later.
Alternatively, the vulnerable ActiveX control can be disabled in Internet Explorer by manually setting the kill bit. Complete the following steps to set the kill bit on the machine where Quickr for Domino is installed. 1. Start the Microsoft Windows Registry Editor (regedit). 2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveXCompatibility 3. Add a new Key: {05D96F71-87C6-11d3-9BE4-00902742D6E0} 4. Select that Key and create a new DWORD value named: Compatibility Flags 5. Set the Compatibility Flags value to: 0x00000400 6. Exit the Registry Editor. 7. Restart Internet Explorer.
<http://www-304.ibm.com/support/docview.wss?uid=swg21596191>
This exploit has been tested against Microsoft Windows XP SP3 English (DEP OptIn) and Microsoft Windows 7 SP1 (DEP OptIn) using Internet Explorer version 8 and 9.
Windows