CVE-2015-0134: Buffer Overflow
First published: Mon Apr 06 2015(Updated: )
Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before 8.5.1 FP5 IF3, 8.5.2 before FP4 IF3, 8.5.3 before FP6 IF6, 9.0 before IF7, and 9.0.1 before FP2 IF3 allows remote attackers to execute arbitrary code via unspecified vectors.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Lotus Domino | =8.5.0 | |
| IBM Lotus Domino | =8.5.1 | |
| IBM Lotus Domino | =8.5.2 | |
| IBM Lotus Domino | =8.5.3 | |
| IBM Lotus Domino | =9.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-0134?
CVE-2015-0134 is considered a critical vulnerability due to its potential to enable remote code execution.
How do I fix CVE-2015-0134?
To fix CVE-2015-0134, upgrade IBM Domino to the specified patched versions: 8.5.1 FP5 IF3, 8.5.2 FP4 IF3, 8.5.3 FP6 IF6, 9.0 IF7, or 9.0.1 FP2 IF3.
Who is affected by CVE-2015-0134?
CVE-2015-0134 affects users of IBM Domino versions 8.5.0 through 9.0.1 before specific fix packs.
What types of attacks can exploit CVE-2015-0134?
CVE-2015-0134 can be exploited by remote attackers to execute arbitrary code through a buffer overflow.
Is CVE-2015-0134 still a threat?
CVE-2015-0134 remains a threat to systems that have not been updated to the patched versions.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/remedy
- agent/last-modified-date
- agent/author
- agent/severity
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm lotus domino
- version/ibm lotus domino/8.5.0
- version/ibm lotus domino/8.5.1
- version/ibm lotus domino/8.5.2
- version/ibm lotus domino/8.5.3
- version/ibm lotus domino/9.0.1