PT-2015-1206 · Ibm · Ibm Domino

Bilou

Published

2015-05-12

Updated

2019-10-16

CVE-2015-1903

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM Domino versions 8.5 through 8.5.3 FP6 IF6 and versions 9.0 through 9.0.1 FP3 IF2

Description The issue is caused by a stack-based buffer overflow error. This allows remote attackers to execute arbitrary code via a crafted BMP image.

Recommendations For versions 8.5 through 8.5.3 FP6 IF6, update to version 8.5.3 FP6 IF7. For versions 9.0 through 9.0.1 FP3 IF2, update to version 9.0.1 FP3 IF3. As a temporary workaround, consider restricting the processing of BMP images until a patch is available.

Fix

RCE

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2015-10141

CVE-2015-1903

ZDI-15-194

Affected Products

Ibm Domino

PT-2015-1206 · Ibm · Ibm Domino

CVE-2015-1903

Weakness Enumeration

Related Identifiers

Affected Products

References · 8