Home page logo

bugtraq logo Bugtraq mailing list archives

Lotus expeditor rcplauncher uri handler vulnerability
From: "Thomas Pollet" <thomas.pollet () gmail com>
Date: Fri, 25 Apr 2008 17:04:02 +0200


Lotus expeditor rcplauncher registers a cai: uri handler.
 This handler executes
"D:\Program Files\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe"
-config notes -com.ibm.rcp.portal.app.ui#openCA "%1"
the rcplauncher process accepts various arguments which can be abused
to execute arbitrary code.
 The argument to the -launcher option for example is an executable
that will be executed.

malicious uri example:

original advisory :

Thomas Pollet

  By Date           By Thread  

Current thread:
  • Lotus expeditor rcplauncher uri handler vulnerability Thomas Pollet (Apr 25)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]