Vulnerability Details CVE-2015-1902
Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSMLA.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.34
EPSS Ranking 96.8%
CVSS Severity
CVSS v2 Score 10.0
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21883245
- http://www.securityfocus.com/bid/74597
- http://www.securitytracker.com/id/1032376
- http://www.zerodayinitiative.com/advisories/ZDI-15-193
- http://www-01.ibm.com/support/docview.wss?uid=swg21883245
- http://www.securityfocus.com/bid/74597
- http://www.securitytracker.com/id/1032376
- http://www.zerodayinitiative.com/advisories/ZDI-15-193
Products affected by CVE-2015-1902
-
cpe:2.3:a:ibm:domino:8.5.0
-
cpe:2.3:a:ibm:domino:8.5.1
-
cpe:2.3:a:ibm:domino:8.5.2
-
cpe:2.3:a:ibm:domino:8.5.3
-
cpe:2.3:a:ibm:domino:9.0.1