At the marvelous Engage conference I had the honor to speak about "How to get my app on mobile?". Between the obvious choices of having a … more
There is another recently published vulnerability, IBM Lotus Sametime this time. Versions 3.1, 6.5.1 and 7.0 are affected, but not 7.5:
The affectect JNILoader ActiveX control
is not used in Sametime 7.5 anymore, thus this version is not affected.
A hotfix for Sametime 7.0 exists.
But the easiest workaround is not to
use Internet Explorer
IBM Lotus Sametime JNILoader Vulnerability
iDefense contacted IBM® Lotus® to report a potential vulnerability with the JNILoader ActiveX control used by the IBM Lotus Sametime® Web Conferencing server.
The iDefense advisory can be accessed from the following link: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=495
The JNILoader ActiveX control was introduced in early versions of the Sametime web conferencing server in order to prevent crashes caused by the length of time it took to uninitialize the Sametime audio/video DLLs when closing the browser. The JNILoader control was scriptable to allow for DLL version changes between Sametime server releases. The primary function of this ActiveX control was to load/unload native Sametime DLLs, however, the control can be re-used on non-Sametime pages such that the scriptable "loadLibrary()" function has the potential to be exploited to load malicious code on the local workstation. This functionality was replaced in Sametime 7.5 with a 100% Java-based, and non-scriptable solution which could be used with all browsers. In controlled environments, there is no risk with Sametime servers. The risk is when the Sametime related ActiveX control is used on non-Sametime web pages.
Sie haben Fragen zu diesem Artikel? Kontaktieren Sie uns gerne: firstname.lastname@example.org
"Drive your dreams" - is the motto of this year's international Engange conference, which will take place in Brussels for three days ... more
9,6% market share and 18% market growth for IBM in the AI sector in 2017 – that is the impressive result of a study … more