CVE-2013-2977

IBM Notes 8.5.x-8.5.3 FP4 and 9.x - Remote Code Execution via Malformed PNG Image

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-2977. PoCs published by defrancescojp.

AI-analyzed exploit summary: This PoC exploits an integer overflow in IBM Lotus Notes' PNG parsing to achieve arbitrary code execution via a maliciously crafted email. The exploit constructs a malicious PNG file with controlled dimensions to trigger a heap overflow.

Description

Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q.

Exploits (1)

nomisec WORKING POC
by defrancescojp · poc
https://github.com/defrancescojp/CVE-2013-2977

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: IBM Lotus Notes (versions affected by CVE-2013-2977)
No auth needed
Prerequisites: Ability to send emails to the target · Target must open or preview the malicious email
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Vendor Advisory (x_refsource_confirm): http://www-01.ibm.com/support/docview.wss?uid=swg21635878
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_xf): https://exchange.xforce.ibmcloud.com/vulnerabilities/83967

Scores

EPSS 0.0469
EPSS Percentile 90.7%

Details

CWE: CWE-189
Status: published
Products (20)
ibm/lotus_notes 8.5
ibm/lotus_notes 8.5.0.0
ibm/lotus_notes 8.5.0.1
ibm/lotus_notes 8.5.1
ibm/lotus_notes 8.5.1.0
ibm/lotus_notes 8.5.1.1
ibm/lotus_notes 8.5.1.2
ibm/lotus_notes 8.5.1.3
ibm/lotus_notes 8.5.1.4
ibm/lotus_notes 8.5.1.5
... and 10 more
Published May 10, 2013
Tracked Since Feb 18, 2026