SMTP: IBM Domino Image File Parsing CVE-2015-5040 Buffer Overflow
This signature detects attempts to exploit a known vulnerability in IBM Domino. The vulnerability is due to improper bounds checking when parsing image files. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the running application.
Extended Description
Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash) via a crafted GIF image, aka SPRs KLYH9ZDKRE and KLYH9ZTLEZ, a different vulnerability than CVE-2015-4994.
Affected Products
Ibm domino
Short Name
SMTP:VULN:IMG-PARSE-BOF
Severity
Major
Recommended
True
Recommended Action
None
Category
SMTP
Keywords
Buffer CVE-2015-5040 Domino File IBM Image Overflow Parsing
Release Date
12/30/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Ibm
CVSS Score
7.5