IBM iNotes ActiveX Control Vulnerability (Nov 8, 2013)
IBM iNotes (formerly IBM Lotus iNotes) is a web-based version of the IBM Notes client; it provides browser access to IBM Notes email, calendar and contacts. IBM iNotes includes an ActiveX component (DWA9W) which enables enhanced attachment functions.
An integer overflow vulnerability exists in IBM iNotes; the vulnerability is due to exposure of an unsafe property in the DWA9W ActiveX control. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted webpage using Internet Explorer. Successful exploitation could lead to arbitrary code execution in the security context of the logged-in user. Failed attacks could lead to termination of the browser. The vulnerability has been assigned as CVE-2013-3027. Dell SonicWALL has released an IPS signature to detect and block specific exploitation attempts targeting this vulnerability. The signature is listed below:- 7598 IBM iNotes DWA9W ActiveX Instantiation