CVE-2015-4994

IBM Domino 8.5.1-8.5.3 and 9.x - Buffer Overflow via Crafted GIF Image

Title source: llm
STIX 2.1

Description

Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-2015-5040.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033974
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21969050

Scores

EPSS 0.0328
EPSS Percentile 87.0%

Details

CWE
CWE-119
Status published
Products (5)
ibm/domino 8.5.0
ibm/domino 8.5.1
ibm/domino 8.5.2
ibm/domino 8.5.3
ibm/domino 9.0.1
Published Oct 29, 2015
Tracked Since Feb 18, 2026