IBM Lotus Quickr 8.2 qp2.cab ActiveX Control Buffer Overflow Vulnerability
08 January 2013
Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 184.108.40.206-002a for Domino allow remote attackers to execute arbitrary code via a long argument to the (1) Attachment_Times or (2) Import_Times method.
CVSS v2 Base Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
The code redirects visitors to another URL where the Fiesta exploit kit is hosted, which then tries to detect and exploit several vulnerabilities in various software. If it succeeds, the visitors are saddled with a banking Trojan.
Looking for an Android-based tablet for your child but don't know which one to choose? If you are concerned about the device's protection against random hackers, Bluebox Security has just released a review of the nine most popular Android tablet models aimed specifically at children.
68% of US smartphone users are concerned about having their activity tracked to serve them targeted ads, suggesting that most smartphone users are uncomfortable with the idea of online behavioral advertising.