CVE-2017-1274

Name of the Vulnerable Software and Affected Versions IBM Domino versions 8.5.3 through 9.0

Description The issue is related to a stack-based overflow in the IMAP service, specifically with the implementation of the EXAMINE command. This overflow occurs when handling mailbox names, potentially allowing an authenticated attacker to execute arbitrary code by specifying a large mailbox name. The exploitation of this issue could enable a remote attacker to execute arbitrary code.

Recommendations For IBM Domino versions 8.5.3 through 9.0, consider disabling the IMAP service until a patch is available to prevent potential exploitation. Restrict access to the IMAP service to minimize the risk of exploitation. Avoid using large mailbox names in the affected IMAP service until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.