Vulnerability Details CVE-2017-1274
IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.178
EPSS Ranking 94.8%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- http://packetstormsecurity.com/files/152786/Lotus-Domino-8.5.3-EXAMINE-Stack-Buffer-Overflow.html
- http://www.ibm.com/support/docview.wss?uid=swg22002280
- http://www.securityfocus.com/bid/97910
- http://www.securityfocus.com/bid/98019
- http://www.securitytracker.com/id/1038358
- https://www.kb.cert.org/vuls/id/676632
- http://packetstormsecurity.com/files/152786/Lotus-Domino-8.5.3-EXAMINE-Stack-Buffer-Overflow.html
- http://www.ibm.com/support/docview.wss?uid=swg22002280
- http://www.securityfocus.com/bid/97910
- http://www.securityfocus.com/bid/98019
- http://www.securitytracker.com/id/1038358
- https://www.kb.cert.org/vuls/id/676632
Products affected by CVE-2017-1274
-
cpe:2.3:a:ibm:domino:8.5.3
-
cpe:2.3:a:ibm:domino:8.5.3.6
-
cpe:2.3:a:ibm:domino:9.0.0.0
-
cpe:2.3:a:ibm:domino:9.0.1
-
cpe:2.3:a:ibm:domino:9.0.1.8