CVE-2015-5040

Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-2015-4994.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ibmdomino
8.5.0
ibmdomino
8.5.0.1
ibmdomino
8.5.1
ibmdomino
8.5.1.1
ibmdomino
8.5.1.2
ibmdomino
8.5.1.3
ibmdomino
8.5.1.4
ibmdomino
8.5.1.5
ibmdomino
8.5.2
ibmdomino
8.5.2.1
ibmdomino
8.5.2.2
ibmdomino
8.5.2.3
ibmdomino
8.5.2.4
ibmdomino
8.5.3
ibmdomino
8.5.3.1
ibmdomino
8.5.3.2
ibmdomino
8.5.3.3
ibmdomino
8.5.3.4
ibmdomino
8.5.3.5
ibmdomino
8.5.3.6
ibmdomino
9.0.1
ibmdomino
9.0.1.1
ibmdomino
9.0.1.2
ibmdomino
9.0.1.3
ibmdomino
9.0.1.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21969050
http://www.securitytracker.com/id/1033974
http://www-01.ibm.com/support/docview.wss?uid=swg21969050
http://www.securitytracker.com/id/1033974