IBM Domino 9.0.x < 9.0.1 Fix Pack 3 Interim Fix 2 GIF Code Execution (credentialed check)
Severity: Critical
Nessus Plugin ID: 83116
Synopsis: The remote server is affected by a remote code execution vulnerability.
Description: The version of IBM Domino (formerly IBM Lotus Domino) installed on the remote host is 9.0.x prior to 9.0.1 Fix Pack 3 (FP3) Interim Fix 2 (IF2). It is, therefore, potentially affected by an integer truncation error when processing GIF files. A remote attacker, using a crafted GIF file, could exploit this to execute arbitrary code or cause a denial of service.
Solution: Upgrade to IBM Domino 9.0.1 FP3 IF2 or later.