Vulnonym.org

CVE-2008-2499 - Untruthful Bracket

Description

Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier and 8.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted URL.

Reference

http://www.zerodayinitiative.com/advisories/ZDI-08-028/ http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21303920 http://www.securityfocus.com/bid/29328 http://secunia.com/advisories/30309 http://www.securitytracker.com/id?1020093 http://www.vupen.com/english/advisories/2008/1595/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42575