161 matches found
CVE-2013-6749
Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6748...
CVE-2013-6748
Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6749...
CVE-2013-6748
CVE-2013-6748 describes a buffer overflow in the ActiveX control qp2.dll (qp2.cab) of IBM Lotus Quickr for Domino 8.5.1, prior to 8.5.1.42-001b. Successful exploitation via a crafted HTML document enables remote arbitrary code execution. This entry is distinct from CVE-2013-6749 (which covers a s...
CVE-2013-6749
CVE-2013-6749 affects IBM Lotus Quickr for Domino 8.5.1 (qp2.cab ActiveX control). A stack/buffer overflow in the ActiveX control allows remote code execution via a crafted HTML document. Exploitation typically requires the target to load a malicious page or file; impact is arbitrary code executi...
IBM Lotus Quickr qp2.cab ActiveX Control Integer Overflow (CVE-2013-3026)
A buffer overflow vulnerability exists in IBM Lotus Quickr for Domino. The vulnerability is due to an integer overflow within the qp2.cab ActiveX control. A remote attacker can exploit this vulnerability by enticing a target user to visit a crafted web page using Internet Explorer. Successful...
IBM Quickr for Domino ActiveX Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Quickr for Domino. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...
Lotus Quickr for Domino qp2.dll ActiveX Control Integer Overflow Remote Code Execution
An unspecified flaw in the Lotus Quickr for Domino qp2.dll ActiveX control has an unspecified integer overflow that leads to a heap buffer overflow. By tricking a victim into opening a specially crafted web page, an attacker can leverage this vulnerability to execute arbitrary code, subject to th...
CVE-2013-3026
Buffer overflow in the Lotus Quickr for Domino ActiveX control in qp2.cab in IBM Lotus Quickr 8.1 before FP 8.1.0.32-001a, 8.2 before FP 8.2.0.28-001a, and 8.5.1 before FP 8.5.1.39-002a for Domino allows remote attackers to execute arbitrary code via a crafted web site...
Buffer overflow
Buffer overflow in the Lotus Quickr for Domino ActiveX control in qp2.cab in IBM Lotus Quickr 8.1 before FP 8.1.0.32-001a, 8.2 before FP 8.2.0.28-001a, and 8.5.1 before FP 8.5.1.39-002a for Domino allows remote attackers to execute arbitrary code via a crafted web site...
CVE-2013-3026
Buffer overflow in the Lotus Quickr for Domino ActiveX control in qp2.cab in IBM Lotus Quickr 8.1 before FP 8.1.0.32-001a, 8.2 before FP 8.2.0.28-001a, and 8.5.1 before FP 8.5.1.39-002a for Domino allows remote attackers to execute arbitrary code via a crafted web site...
CVE-2013-3026
CVE-2013-3026 affects IBM Lotus Quickr for Domino via the qp2.cab ActiveX control. An integer/heap overflow in qp2.dll/qp2.cab leads to remote code execution when a user visits a crafted web page with IE. Exploitation requires user interaction (per ZDI); successful exploitation could run code in ...
IBM Lotus QuickR qp2 ActiveX Buffer Overflow Vulnerability
This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "AttachmentTimes" property, due to the insecure usage of the swscanf. The affected ActiveX is provided by the qp2.dll installed with the IBM Lotus Quickr...
IBM Lotus QuickR qp2 - ActiveX Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
IBM Lotus QuickR qp2 ActiveX Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
IBM Lotus QuickR qp2 ActiveX Buffer Overflow
This module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "AttachmentTimes" property, due to the insecure usage of the swscanf. The affected ActiveX is provided by the qp2.dll installed with the IBM Lotus Quickr product. Thi...
IBM Lotus Quickr qp2.cab ActiveX Control Stack Buffer Overflow (CVE-2012-2176)
A stack-based buffer overflow vulnerability has been reported in IBM Lotus Quickr...
IBM Lotus Quickr QP2 ActiveX _Times Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Quickr. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the QP2.cab...
IBM Lotus Quickr QP2 ActiveX Overflow
Added: 05/31/2012 CVE: CVE-2012-2176 BID: 53678 OSVDB: 82166 Background IBM Lotus Quickr is a team collaboration solution that provides teams with a data repository, and interfaces with Lotus Notes, Sametime, Symphony, and more. Problem The Lotus Quickr client installs several ActiveX controls on...
IBM Lotus Quickr QP2 ActiveX Overflow
Added: 05/31/2012 CVE: CVE-2012-2176 BID: 53678 OSVDB: 82166 Background IBM Lotus Quickr is a team collaboration solution that provides teams with a data repository, and interfaces with Lotus Notes, Sametime, Symphony, and more. Problem The Lotus Quickr client installs several ActiveX controls on...
IBM Lotus Quickr QP2 ActiveX Overflow
Added: 05/31/2012 CVE: CVE-2012-2176 BID: 53678 OSVDB: 82166 Background IBM Lotus Quickr is a team collaboration solution that provides teams with a data repository, and interfaces with Lotus Notes, Sametime, Symphony, and more. Problem The Lotus Quickr client installs several ActiveX controls on...