Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.805644
Category:General
Title:IBM Domino Multiple Stack-based Buffer Overflow Vulnerabilities - June15
Summary:IBM Domino is prone to multiple stack-based buffer overflow vulnerabilities.
Description:Summary:
IBM Domino is prone to multiple stack-based buffer overflow vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An overflow condition in nrouter.exe which is triggered as user-supplied
input is not properly validated when handling the BMP color palette.

- An integer overflow condition in the nrouter.exe component that is triggered
as BMP image dimensions in emails are not properly validated.

Vulnerability Impact:
Successful exploitation will allow attacker
to cause a stack-based buffer overflow, resulting in a denial of service or
potentially allowing the execution of arbitrary code.

Affected Software/OS:
IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3.

Solution:
Upgrade to IBM Domino 8.5.3 FP6 IF7 or 9.0.1 FP3 IF3 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 74598
BugTraq ID: 74597
Common Vulnerability Exposure (CVE) ID: CVE-2015-1903
http://www.securityfocus.com/bid/74598
http://www.zerodayinitiative.com/advisories/ZDI-15-194
http://www.securitytracker.com/id/1032376
Common Vulnerability Exposure (CVE) ID: CVE-2015-1902
http://www.securityfocus.com/bid/74597
http://www.zerodayinitiative.com/advisories/ZDI-15-193
CopyrightCopyright (C) 2015 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.