Multiple integer overflows in vclmi.dll in the visual class library module in IBM Lotus Symphony before 3.0.1 might allow remote attackers to execute arbitrary code via an embedded (1) JPEG or (2) PNG image object in a Symphony document that triggers a heap-based buffer overflow, as demonstrated by a .doc file.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2012-01-23T15:00:00

Updated: 2024-08-06T18:16:19.381Z

Reserved: 2011-12-14T00:00:00

Link: CVE-2012-0192

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-01-23T15:55:00.943

Modified: 2024-11-21T01:34:33.290

Link: CVE-2012-0192

cve-icon Redhat

No data.