IBM Lotus Quickr 8.2 qp2.cab ActiveX Control Buffer Overflow Vulnerability
08 January 2013
Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 184.108.40.206-002a for Domino allow remote attackers to execute arbitrary code via a long argument to the (1) Attachment_Times or (2) Import_Times method.
CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Posted on 23 January 2015. | The DMARC specification has emerged in the last couple years to pull together all the threads of email authentication technology under one roof—to standardize the method in which email is authenticated, and the manner in which reporting and policy enforcement is implemented.
Posted on 23 January 2015. | Adobe has released an out-of-band update for Flash Player, which fixes a security flaw (CVE-2015-0310) that could be used to circumvent memory randomization mitigations on the Windows platform.
Posted on 21 January 2015. | Brandon Hoffman, Lumeta's CTO, talks about the management strategies that are essential in the information security industry. He also offers advice to those stepping into the CTO role for the first time, and talks about the evolution of network situational awareness.
Posted on 19 January 2015. | Rather than spend resources on measures such as pen testing, it’s now perhaps more relevant to find ways of monitoring for, rooting out, identifying and taking remedial action against malware and threats already inside a network.