The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Lotus_sametime | Ibm | * | 7.0 (including) |
| Lotus_sametime | Ibm | 7.5 (including) | 7.5 (including) |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=495
- http://www-1.ibm.com/support/docview.wss?uid=swg21257029
- http://www.securityfocus.com/bid/23201
- http://www.securitytracker.com/id?1017828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33314
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=495
- http://www-1.ibm.com/support/docview.wss?uid=swg21257029
- http://www.securityfocus.com/bid/23201
- http://www.securitytracker.com/id?1017828
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33314