CVE-2015-0134

Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before 8.5.1 FP5 IF3, 8.5.2 before FP4 IF3, 8.5.3 before FP6 IF6, 9.0 before IF7, and 9.0.1 before FP2 IF3 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=swg21700029	Patch Vendor Advisory
http://www.securitytracker.com/id/1032027	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:domino:8.5.0:::::::*
	cpe:2.3:a:ibm:domino:8.5.1:::::::*
	cpe:2.3:a:ibm:domino:8.5.2:::::::*
	cpe:2.3:a:ibm:domino:8.5.3:::::::*
	cpe:2.3:a:ibm:domino:9.0.1:::::::*

History

No history.

Information

Published : 2015-04-06 00:59

Updated : 2024-02-04 18:35

NVD link : CVE-2015-0134

Mitre link : CVE-2015-0134

CVE.ORG link : CVE-2015-0134

JSON object : View

Products Affected

ibm

domino

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2015-0134", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-04-06T00:59:03.317", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21700029", "tags": ["Patch", "Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "http://www.securitytracker.com/id/1032027", "tags": ["Third Party Advisory", "VDB Entry"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before 8.5.1 FP5 IF3, 8.5.2 before FP4 IF3, 8.5.3 before FP6 IF6, 9.0 before IF7, and 9.0.1 before FP2 IF3 allows remote attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Desbordamiento de buffer en la implementaci\u00f3n SSLv2 en IBM Domino 8.5.x anterior a 8.5.1 FP5 IF3, 8.5.2 anterior a FP4 IF3, 8.5.3 anterior a FP6 IF6, 9.0 anterior a IF7, y 9.0.1 anterior a FP2 IF3 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."}], "lastModified": "2019-10-16T12:40:30.513", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:domino:8.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8458C5E0-40D5-41B6-BBB3-4EE1600BE1F0"}, {"criteria": "cpe:2.3:a:ibm:domino:8.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1D658AF-65B4-4DD7-B445-E16615EA5D82"}, {"criteria": "cpe:2.3:a:ibm:domino:8.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F2A7894-14F0-4FD9-A221-4A88E5CB6A0E"}, {"criteria": "cpe:2.3:a:ibm:domino:8.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "091D9954-232A-4158-A516-35A735343121"}, {"criteria": "cpe:2.3:a:ibm:domino:9.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "373527AD-D128-41CC-BEBA-6581F22D8AEE"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}