CVE-2012-2175

IBM Lotus iNotes 8.5.x - Buffer Overflow in Attachment_Times Method

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-2175. PoCs published by Metasploit, Gaurav Baruah, juan vazquez, including Metasploit module exploits/windows/browser/inotes_dwa85w_bof.

AI-analyzed exploit summary This Metasploit module exploits a buffer overflow in IBM Lotus iNotes ActiveX control (dwa85W.dll) via the 'Attachment_Times' property, achieving remote code execution on vulnerable systems. It uses heap spraying and ROP chains to bypass ASLR and DEP.

Description

Buffer overflow in the Attachment_Times method in a certain ActiveX control in dwa85W.dll in IBM Lotus iNotes 8.5.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a long argument.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/23736

This Metasploit module exploits a buffer overflow in IBM Lotus iNotes ActiveX control (dwa85W.dll) via the 'Attachment_Times' property, achieving remote code execution on vulnerable systems. It uses heap spraying and ROP chains to bypass ASLR and DEP.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: IBM Lotus iNotes ActiveX (dwa85W.dll 85.3.3.0)
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer 6-9 · IBM Lotus iNotes ActiveX control installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by Gaurav Baruah, juan vazquez · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/inotes_dwa85w_bof.rb

This Metasploit module exploits a buffer overflow vulnerability in the IBM Lotus iNotes dwa85W ActiveX control via the 'Attachment_Times' property, leveraging heap spraying and ROP chains for reliable exploitation across multiple IE versions and Windows platforms.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: IBM Lotus iNotes dwa85W.dll 85.3.3.0
No auth needed
Prerequisites: Victim must visit a malicious webpage using Internet Explorer 6-9 · IBM Lotus iNotes ActiveX control installed
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21596862
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/75321

Scores

EPSS 0.2944
EPSS Percentile 97.9%

Details

CWE
CWE-119
Status published
Products (14)
ibm/lotus_inotes 8.5.0.0
ibm/lotus_inotes 8.5.0.1
ibm/lotus_inotes 8.5.1.0
ibm/lotus_inotes 8.5.1.1
ibm/lotus_inotes 8.5.1.2
ibm/lotus_inotes 8.5.1.3
ibm/lotus_inotes 8.5.1.4
ibm/lotus_inotes 8.5.1.5
ibm/lotus_inotes 8.5.2.0
ibm/lotus_inotes 8.5.2.1
... and 4 more
Published Jun 20, 2012
Tracked Since Feb 18, 2026