Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P
Vendors Products
Linux
  • Linux Kernel
Microsoft
  • Windows
Ibm
  • Lotus Notes

Configuration 1 [-]

OR cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.3.4:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:a:ibm:lotus_notes:9.0.0.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 3 [-]

AND
OR cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:8.5.3.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:lotus_notes:9.0.0.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
References
Link Resource
http://www-01.ibm.com/support/docview.wss?uid=swg21635878 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/83967
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: ibm

Published: 2013-05-10T10:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2013-04-12T00:00:00

Link: CVE-2013-2977

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2013-05-10T11:42:30.323

Modified: 2017-08-29T01:33:18.433

Link: CVE-2013-2977

JSON object: View

cve-icon Redhat Information

No data.

CWE