Stack-Based Overflow Vulnerability in IBM Domino IMAP Service
CVE-2017-1274

8.8HIGH

Key Information:

Vendor
IBM
Status
Domino
Vendor
CVE Published:
25 April 2017

Summary

IBM Domino versions 8.5.3 and 9.0 are susceptible to a stack-based overflow in the IMAP service. This vulnerability could be exploited by an authenticated attacker who specifies a large mailbox name, potentially leading to arbitrary code execution on the affected system. The flaw highlights significant risks to data integrity and system security, making timely updates and patches essential for users of these versions. For more details and mitigation strategies, refer to IBM’s security advisory and additional resources.

Affected Version(s)

Domino 8.5.3.5, 8.5.3.6, 9.0.1, 8.5, 9.0, 8.5.1, 8.5.2, 8.5.3, 9.0.1.1, 8.0.2, 8.0, 8.0.1, 8.5.1.5, 8.5.2.4, 9.0.1.2, 8.5.0.1, 9.0.1.3, 8.5.1.4, 9.0.1.4, 9.0.1.5, 8.5.1.1, 9.0.1.6, 9.0.1.7, 9.0.1.8

References

http://www.ibm.com/support/docview.wss?uid=swg22002280
x_refsource_CONFIRM
http://www.securityfocus.com/bid/97910
vdb-entryx_refsource_BID
http://www.securityfocus.com/bid/98019
vdb-entryx_refsource_BID

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.