Stack-based Buffer Overflow Vulnerability in IBM Domino Software
CVE-2015-1903

Currently unrated

Key Information:

Vendor: IBM
Status: Domino
Vendor: CVE Published:; 20 May 2015

What is CVE-2015-1903?

A stack-based buffer overflow vulnerability exists in IBM Domino software versions prior to 8.5.3 FP6 IF7 and 9.0.1 FP3 IF3. This flaw allows remote attackers to execute arbitrary code by sending specially crafted BMP images, potentially compromising the affected system's security. Organizations using these unsupported versions are advised to update to secure releases to mitigate the risk of exploitation.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21883245

x_refsource_CONFIRM

http://www.zerodayinitiative.com/advisories/ZDI-15-194

x_refsource_MISC

http://www.securityfocus.com/bid/74598

vdb-entryx_refsource_BID

EPSS Score

34% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2015
Vulnerability Reserved
Feb 19, 2015