HTTP IBM Lotus Domino Web Access ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability by passing long arguments into a method of the IBM Lotus Domino Web Access Upload Module ActiveX control.

Additional Information

IBM Lotus Domino is a client/server product designed for collaborative working environments. Domino Server supports email, scheduling, instant messaging, and data-driven applications. Web Access is a browser-based client for Lotus Domino.

IBM Lotus Domino Web Access Upload module is prone to a memory-corruption vulnerability because of an insecure method in the ActiveX controls with the following CLSIDs:

E008A543-CEFB-4559-912F-C27C2B89F13B
3BFFE033-BF43-11d5-A271-00A024A51325

This issue affects the 'inotes6.dll' and 'inotes6W.dll' files of Domino 6.x and the 'dwa7.dll' and 'dwa7W.dll' files of Domino 7.x. An attacker can trigger this issue by setting the 'General_ServerName()' attribute to a large value before calling the 'InstallBrowserHelperDll()' method.

The attacker can exploit this issue by enticing an unsuspecting user to view a malicious HTML page.

Successfully exploiting this issue can allow remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely result in denial-of-service conditions.
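The following added example (not Symantec's signature logic, and not code from the original page) sketches how a proxy or mail gateway could triage HTML for the conditions described above. The function names, verdict labels and sample pages are assumptions constructed for illustration; the CLSIDs and member names are the ones listed in this advisory.

```python
import html
import re

# CLSIDs and member names exactly as listed in the advisory text.
CLSIDS = (
    "E008A543-CEFB-4559-912F-C27C2B89F13B",
    "3BFFE033-BF43-11d5-A271-00A024A51325",
)
MEMBERS = ("General_ServerName", "InstallBrowserHelperDll")

# classid="clsid:XXXX", with optional braces and whitespace, any letter case.
_CLSID_RE = re.compile(
    r"clsid\s*:\s*\{?\s*(" + "|".join(re.escape(c) for c in CLSIDS) + r")\s*\}?",
    re.IGNORECASE,
)

def normalise(body: str) -> str:
    """Decode HTML entities and drop NUL bytes so encoded markup still matches."""
    return html.unescape(body).replace("\x00", "")

def inspect_page(body: str) -> dict:
    """Return a verdict for one HTML body (verdict labels are hypothetical)."""
    text = normalise(body)
    clsids = sorted({m.group(1).upper() for m in _CLSID_RE.finditer(text)})
    # COM member lookup is case-insensitive, so match names the same way.
    members = [m for m in MEMBERS
               if re.search(r"\b" + re.escape(m) + r"\b", text, re.IGNORECASE)]
    if clsids and len(members) == len(MEMBERS):
        verdict = "block"    # control instantiated and both members referenced
    elif clsids:
        verdict = "review"   # control instantiated; may be a legitimate Domino page
    else:
        verdict = "allow"
    return {"verdict": verdict, "clsids": clsids, "members": members}

# Constructed sample pages (not captured traffic).
SAMPLE_CLEAN = "<p>Domino Web Access help page</p>"
SAMPLE_CONTROL_ONLY = (
    '<object id="ctl" '
    'classid="clsid:E008A543-CEFB-4559-912F-C27C2B89F13B"></object>'
)
SAMPLE_BOTH_MEMBERS = (
    '<object id="ctl" '
    'classid="CLSID&#58;{3bffe033-bf43-11d5-a271-00a024a51325}"></object>'
    "<script>ctl.general_servername = value; ctl.InstallBrowserHelperDll();</script>"
)

if __name__ == "__main__":
    for page in (SAMPLE_CLEAN, SAMPLE_CONTROL_ONLY, SAMPLE_BOTH_MEMBERS):
        print(inspect_page(page))
```

The check keys on the control and member names rather than on argument length, because a long value is usually assembled at run time and never appears as a literal in the page.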

Affected

  • IBM Domino Web Access 6.0, 6.5, 7.0, 6.0.1, 6.0.1 1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.5.1, 6.5.2, 6.5.3, 6.5.4, 6.5.5, 7.0.1
  • IBM Lotus Domino Web Access 7.0.1
  • IBM Lotus Domino Web Access Upload Module 7.0.34.1