CVE-2013-2977

Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
VendorProductVersion
ibmlotus_notes
8.5
ibmlotus_notes
8.5.0.0
ibmlotus_notes
8.5.0.1
ibmlotus_notes
8.5.1
ibmlotus_notes
8.5.1.0
ibmlotus_notes
8.5.1.1
ibmlotus_notes
8.5.1.2
ibmlotus_notes
8.5.1.3
ibmlotus_notes
8.5.1.4
ibmlotus_notes
8.5.1.5
ibmlotus_notes
8.5.2.0
ibmlotus_notes
8.5.2.1
ibmlotus_notes
8.5.2.2
ibmlotus_notes
8.5.2.3
ibmlotus_notes
8.5.3
ibmlotus_notes
8.5.3.1
ibmlotus_notes
8.5.3.2
ibmlotus_notes
8.5.3.3
ibmlotus_notes
8.5.3.4
ibmlotus_notes
9.0.0.0
ibmlotus_notes
8.5
ibmlotus_notes
8.5.0.0
ibmlotus_notes
8.5.0.1
ibmlotus_notes
8.5.1
ibmlotus_notes
8.5.1.0
ibmlotus_notes
8.5.1.1
ibmlotus_notes
8.5.1.2
ibmlotus_notes
8.5.1.3
ibmlotus_notes
8.5.1.4
ibmlotus_notes
8.5.1.5
ibmlotus_notes
8.5.2.0
ibmlotus_notes
8.5.2.1
ibmlotus_notes
8.5.2.2
ibmlotus_notes
8.5.2.3
ibmlotus_notes
8.5.3
ibmlotus_notes
8.5.3.1
ibmlotus_notes
8.5.3.2
ibmlotus_notes
8.5.3.3
ibmlotus_notes
8.5.3.4
ibmlotus_notes
9.0.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21635878
https://exchange.xforce.ibmcloud.com/vulnerabilities/83967
http://www-01.ibm.com/support/docview.wss?uid=swg21635878
https://exchange.xforce.ibmcloud.com/vulnerabilities/83967