CVE-2013-2977

Currently unrated

Key Information:

Vendor
IBM
Status
Lotus Notes
Vendor
CVE Published:
10 May 2013

Badges

👾 Exploit Exists🟣 EPSS 39%

Summary

Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21635878
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/83967
vdb-entryx_refsource_XF

EPSS Score

39% chance of being exploited in the next 30 days.

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.