Buffer overflow in Ibm Domino

CVE-2015-5040

Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9…

Vulnerability class: Buffer Overflow

EPSS: 0.024 (85.5th percentile) — read the EPSS interpretation.

Affected products

Ibm Domino — versions 8.5.0, 8.5.0.1, 8.5.1
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

1033974 (vdb-entry, x_refsource_SECTRACK)
psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)