IBM Lotus Domino Multiple Remote Buffer Overflow Vulnerabilities
RISK: High Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities have been identified in IBM Lotus Domino, which could be exploited by remote attackers to compromise a vulnerable server.
1. A stack overflow error related to MIME handling, which could be exploited by remote unauthenticated attackers to execute arbitrary code.
2. An error within the Domino Internet Inter-ORB Protocol (DIIOP), which could be exploited by remote attackers to execute arbitrary code.
3. An error related to the Domino Internet Inter-ORB Protocol (DIIOP), which could be exploited by remote attackers to execute arbitrary code.
4. An access validation error in the Remote Console when handling UNC paths, which could be exploited to bypass authentication and execute arbitrary code.
5. A buffer overflow error in the Router component when processing user-supplied requests, which could be exploited by remote unauthenticated attackers to execute arbitrary code.
6. A buffer overflow error in the IMAP and POP3 components when processing malformed data, which could be exploited by remote unauthenticated attackers to execute arbitrary code.
7. An error when processing LDAP bind requests, which could be exploited by remote attackers to execute arbitrary code.
Impact
- Remote Code Execution
System / Technologies affected
- IBM Lotus Notes versions prior to 8.5.3
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to IBM Lotus Notes version 8.5.3.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with