CVE-2013-2977

  • Last update: Apr 13, 2023

Description

Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q.

Software From Fixed in
ibm / lotus_notes 8.5 8.5.x
ibm / lotus_notes 8.5.0.0 8.5.0.0.x
ibm / lotus_notes 8.5.0.1 8.5.0.1.x
ibm / lotus_notes 8.5.1 8.5.1.x
ibm / lotus_notes 8.5.1.0 8.5.1.0.x
ibm / lotus_notes 8.5.1.1 8.5.1.1.x
ibm / lotus_notes 8.5.1.2 8.5.1.2.x
ibm / lotus_notes 8.5.1.3 8.5.1.3.x
ibm / lotus_notes 8.5.1.4 8.5.1.4.x
ibm / lotus_notes 8.5.1.5 8.5.1.5.x
ibm / lotus_notes 8.5.2.0 8.5.2.0.x
ibm / lotus_notes 8.5.2.1 8.5.2.1.x
ibm / lotus_notes 8.5.2.2 8.5.2.2.x
ibm / lotus_notes 8.5.2.3 8.5.2.3.x
ibm / lotus_notes 8.5.3 8.5.3.x
ibm / lotus_notes 8.5.3.1 8.5.3.1.x
ibm / lotus_notes 8.5.3.2 8.5.3.2.x
ibm / lotus_notes 8.5.3.3 8.5.3.3.x
ibm / lotus_notes 8.5.3.4 8.5.3.4.x
ibm / lotus_notes 9.0.0.0 9.0.0.0.x

Details

    • Severity: Medium
  • CVE: CVE-2013-2977
  • Published: May 10, 2013
  • Updated: Apr 13, 2023
  • Exploit:

CVSS v2

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs