VDB
CVE-2017-1274
CVE-2017-1274
PUBLISHED
CVSS 6.5 MEDIUM
IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. IBM X-Force ID: 124749.
EPSS 17.77% · 95.3th percentile
Risk Scores
CVSS 2.0
6.5
EPSS Score
17.77%
95.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ibm | domino | 8.5.3.6, 9.0.0.0, 9.0.1 |
| N/A | N/A | |
| IBM | Domino | * |
Timeline
- Mar 20, 2017 PoC Published
- Apr 25, 2017 CVE Published
- May 8, 2019 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- May 14, 2022 CVE Updated
- Jul 3, 2022 EPSS Score
References
- http://www.securityfocus.com/bid/97910 url
- http://www.securityfocus.com/bid/98019 url
- http://www.securitytracker.com/id/1038358 url
- https://www-01.ibm.com/support/docview.wss?uid=swg22002280 advisory
- http://www.ibm.com/support/docview.wss?uid=swg22002280 url
- VU#676632 third-party-advisory
- http://packetstormsecurity.com/files/152786/Lotus-Domino-8.5.3-EXAMINE-Stack-Buffer-Overflow.html url
- https://nvd.nist.gov/vuln/detail/CVE-2017-1274 advisory