IBM Corporation Information for VU#676632

IBM Lotus Domino server mailbox name stack buffer overflow

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www-01.ibm.com/support/docview.wss?uid=swg22002280

https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-domino-server-imap-examine-command-stack-buffer-overflow-cve-2017-1274/

Addendum

This issue is addressed in IBM Domino 9.0.1 Fix Pack 8 Interim Fix 2, and 8.5.3 Fix Pack 6 Interim Fix 17. Please see the IBM Security Bulletin for more details. Despite what the IBM security bulletin indicates, IBM Domino does not fully employ ASLR on any platform that we have tested. Windows or Linux, 32-bit or 64-bit.

If you have feedback, comments, or additional information about this vulnerability, please send us email.