A buffer overflow in the ActiveX control qp2.cab in IBM Lotus Quickr for Domino allows remote attackers to execute arbitrary code via a long argument to the Attachment_Times method. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
A heap overflow in the ActiveX control qp2.cab in IBM Lotus Quickr for Domino allows remote attackers to execute arbitrary code via a crafted argument to the Attachment_Names method. This module runs a web server waiting for vulnerable clients (Internet Explorer 8) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting a stack based buffer overflow vulnerability in the IBM Lotus Notes e-mail client. The module will send an e-mail with an attached file. This file will deploy an agent when opened by the user.
IBM Lotus iNotes ActiveX control dwa85W.dll is vulnerable to a buffer overflow via a long argument passed to the Attachment_Times method. This module runs a web server waiting for vulnerable clients (Internet Explorer 6 or 7) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
A stack-based buffer overflow in IBM Forms Viewer allows an attacker to execute arbitrary code via an specially crafted a .XFDL file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Subscribe to Windows