Intrusion Prevention

IBM.Lotus.Domino.BMP.Color.Palette.Stack.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Buffer Overflow vulnerability in IBM Lotus Domino.
The vulnerability is caused by an improper bound checking when the vulnerable application handles a maliciously crafted file. An attacker can exploit this to execute arbitrary code in the context of the vulnerable application via a crafted request.

Affected Products

IBM Domino prior to 8.5.3 Fix Pack 6 Interim Fix 7
IBM Domino prior to 9.0.1 Fix Pack 3 Interim Fix 3
IBM Notes And Domino 8.5.3 Fix Pack 6 (plus Interim Fixes) and prior
IBM Notes And Domino 9.0.1 Fix Pack 3 (plus Interim Fixes) and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor
http://www.ibm.com/support/docview.wss?uid=swg21883245

CVE References

CVE-2015-1903