Intrusion Prevention

IBM.Lotus.Domino.BMP.Parsing.Integer.Overflow

Description

This indicates an attack attempt to exploit an Integer Overflow vulnerability in IBM Lotus Domino.
The vulnerability is caused by an improper bound checking when the vulnerable application handles a maliciously crafted file. An attacker can exploit this to execute arbitrary code in the context of the vulnerable application via a crafted file.

Affected Products

IBM Domino prior to 8.5.3 Fix Pack 6 Interim Fix 7
IBM Domino prior to 9.0.1 Fix Pack 3 Interim Fix 3
IBM Notes And Domino 8.5.3 Fix Pack 6 (plus Interim Fixes) and prior
IBM Notes And Domino 9.0.1 Fix Pack 3 (plus Interim Fixes) and prior

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor
http://www.ibm.com/support/docview.wss?uid=swg21883245

CVE References

CVE-2015-1902