CVE-2013-2977

CWE-1893 documents3 sources

Severity

6.8MEDIUM

EPSS

16.1%

top 5.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Lotus Notes

Timeline

PublishedMay 10

Latest updateMay 17

Description

Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 on Windows, and 8.5.x before 8.5.3 FP5 and 9.x before 9.0.1 on Linux, allows remote attackers to execute arbitrary code via a malformed PNG image in a previewed e-mail message, aka SPR NPEI96K82Q.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDibm/lotus_notes20 versions+19

🔴Vulnerability Details

GHSA

GHSA-5w62-6f9v-h43w: Integer overflow in IBM Notes 8↗2022-05-17

▶

CVEList

CVE-2013-2977: Integer overflow in IBM Notes 8↗2013-05-10

▶