2 matches found
IBM Lotus Expeditor cai URI Handler Command Execution (CVE-2008-1965)
IBM Lotus Expeditor is a software framework for the development, integration and deployment of client applications. The framework include components that run on desktop computers, handheld devices, and management servers. There exist a buffer overflow vulnerability in IBM Lotus Symphony and Lotus...
CVE-2008-1965
IBM Lotus Expeditor's cai: URI handler in rcplauncher (used by Lotus Expeditor Client for Desktop 6.1.1/6.1.2 and Lotus Symphony) is vulnerable: a crafted cai: URI can inject -launcher to rcplauncher.exe, enabling remote code execution with the user's privileges. The attack relies on loading a sp...