IBM Rational ClearQuest ActiveX control Cqole.dll is vulnerable to a buffer overflow, caused by a function prototype mismatch in the RegisterSchemaRepoFromFileByDbSet() function. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module exploits a buffer overflow in IBM Personal Communications which allows attackers to execute arbitrary code via a crafted .ws (aka workspace) file.
A buffer overflow in the ActiveX control qp2.cab in IBM Lotus Quickr for Domino allows remote attackers to execute arbitrary code via a long argument to the Attachment_Times method. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
A heap overflow in the ActiveX control qp2.cab in IBM Lotus Quickr for Domino allows remote attackers to execute arbitrary code via a crafted argument to the Attachment_Names method. This module runs a web server waiting for vulnerable clients (Internet Explorer 8) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting a stack based buffer overflow vulnerability in the IBM Lotus Notes e-mail client. The module will send an e-mail with an attached file. This file will deploy an agent when opened by the user.
IBM Lotus iNotes ActiveX control dwa85W.dll is vulnerable to a buffer overflow via a long argument passed to the Attachment_Times method. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by instantiating the "iim" uri handler with a malicious DLL (impact.dll) as parameter.
A malformed NFX document allows an attacker to execute arbitrary code. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
A stack-based buffer overflow in IBM Forms Viewer allows an attacker to execute arbitrary code via an specially crafted a .XFDL file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits a vulnerability in IBM Access Support Control (IbmEgath.dll). When the GetXMLValue method process a long string argument, a stack based buffer overflow occurs. This module runs a web server waiting for vulnerable clients (Internet Explorer) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.