Integer Overflow Vulnerability in IBM Domino iNotes ActiveX Control
CVE-2013-3027

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Domino
Vendor: CVE Published:; 9 August 2013

Summary

The vulnerability resides in the DWA9W ActiveX control within iNotes of IBM Domino 9.0 prior to IF3. An integer overflow condition can be exploited by remote attackers through a specially crafted web page. This flaw allows for the potential execution of arbitrary code, posing a significant security risk to systems running the affected version of Domino.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21644599

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/84381

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21645503

x_refsource_CONFIRM

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 9, 2013
Vulnerability Reserved
Apr 12, 2013