CVE-2013-2977

Name of the Vulnerable Software and Affected Versions IBM Notes versions 8.5.x before 8.5.3 FP4 Interim Fix 1 IBM Notes versions 9.x before 9.0 Interim Fix 1 on Windows IBM Notes versions 8.5.x before 8.5.3 FP5 on Linux IBM Notes versions 9.x before 9.0.1 on Linux

Description The issue allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message. This occurs due to an integer overflow.

Recommendations For IBM Notes versions 8.5.x before 8.5.3 FP4 Interim Fix 1, update to 8.5.3 FP4 Interim Fix 1 or later. For IBM Notes versions 9.x before 9.0 Interim Fix 1 on Windows, update to 9.0 Interim Fix 1 or later. For IBM Notes versions 8.5.x before 8.5.3 FP5 on Linux, update to 8.5.3 FP5 or later. For IBM Notes versions 9.x before 9.0.1 on Linux, update to 9.0.1 or later.