IBM Lotus SameTime STJNILoader.OCX ActiveX控件LoadLibrary输入验证漏洞

IBM Corp.'s Lotus Sametime产品提供实时在线会议解决方案。 IBM Corp.'s Lotus Sametime产品包含的STJNILoader.ocx组件存在输入验证问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 此控件使用如下的CLASSID： 7261EE42-318E-490A-AE8F-77649DBA1ECA and 0B9C9C7D-ED81-4594-AFCB-FC5588125382 此控件一般标记为安全脚本，并导出的LoadLibrary函数没有过滤输入，构建恶意WEB页，诱使用户访问，可导致以应用程序进程权限执行任意指令。 IB...

Code injection

The JNILoader ActiveX control STJNILoader.ocx 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function...

IBM Lotus Sametime code execution

LoadLibrary function is available through ActiveX element...

To uncover the virus-the mystery of DLL remote inject technical explanation-vulnerability warning-the black bar safety net

DLL remote injection technology is currently the Win32 virus is a widely used technology. Using this technique the virus body is usually located in a DLL, At system startup, an EXE program will the DLL be loaded to some system processes 如 Explorer.exe in the run. As a result, the ordinary Process...