What is CVE-2013-2977?

CVE-2013-2977 is a vulnerability in Ibm Lotus_notes, classified under CWE-189. Published 2013-05-10.

Is CVE-2013-2977 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ibm Lotus_notes

CVE-2013-2977

Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG…

EPSS: 0.171 (95.1th percentile) — read the EPSS interpretation.

Affected products

Ibm Lotus_notes — versions 8.5, 8.5.0.0, 8.5.0.1
Linux Linux_kernel
Microsoft Windows
N/a — versions n/a

Weakness classification (CWE)

CWE-189

Public proof-of-concept exploits

defrancescojp/CVE-2013-2977
lagartojuancho/CVE-2013-2977

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
ibm-notes-cve20132977-bo(83967) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2013-2977?: CVE-2013-2977 is a vulnerability in Ibm Lotus_notes, classified under CWE-189. Published 2013-05-10.
Is CVE-2013-2977 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.