CVE-2018-1771

HIGH

IBM Domino 9.0-9.0.1 - Buffer Overflow via nsd.exe Command Line Argument Parsing

Title source: llm
STIX 2.1

Description

IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe. IBM X-force ID: 148687.

References (2)

Core 2
Core References
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/148687
Patch, Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/docview.wss?uid=ibm10743405

Scores

CVSS v3 8.4
EPSS 0.0048
EPSS Percentile 38.0%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (6)
ibm/domino 9.0.0.0 if1 (4 CPE variants)
ibm/domino 9.0.1.10 if1 (4 CPE variants)
ibm/domino 9.0.1.0 - 9.0.1.10
ibm/notes 9.0.0.0 if1 (4 CPE variants)
ibm/notes 9.0.1.10 if1 (5 CPE variants)
ibm/notes 9.0.1.0 - 9.0.1.10
Published Dec 20, 2018
Tracked Since Feb 18, 2026