IBM Domino 8.5.x < 8.5.3 Fix Pack 6 Interim Fix 4 GIF Code Execution
Critical Nessus Plugin ID 83113
SynopsisThe remote server is affected by a remote code execution vulnerability.
DescriptionAccording to its banner, the version of IBM Domino (formerly IBM Lotus Domino) running on the remote host is 8.5.x prior to 8.5.3 Fix Pack 6 (FP6) Interim Fix 4 (IF4). It is, therefore, potentially affected by an integer truncation error when processing GIF files. A remote attacker, using a crafted GIF file, could exploit this to execute arbitrary code or cause a denial of service.
SolutionUpgrade to IBM Domino 8.5.3 FP6 IF4 or later.