CVE-2012-2176

Name of the Vulnerable Software and Affected Versions IBM Lotus Quickr versions prior to 8.2.0.27-002a for Domino

Description The issue is related to multiple stack-based buffer overflows in a certain ActiveX control. This can be exploited by remote attackers to execute arbitrary code via a long argument to the (1) Attachment Times or (2) Import Times method.

Recommendations For versions prior to 8.2.0.27-002a for Domino, update to version 8.2.0.27-002a or later to resolve the issue. As a temporary workaround, consider disabling the Attachment Times and Import Times methods until a patch is available. Restrict access to the affected ActiveX control to minimize the risk of exploitation.