CVE-2018-1771
HIGHIBM Domino 9.0-9.0.1 - Buffer Overflow via nsd.exe Command Line Argument Parsing
Title source: llmDescription
IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe. IBM X-force ID: 148687.
References (2)
Core 2
Core References
VDB Entry, Vendor Advisory vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/148687
Patch, Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/docview.wss?uid=ibm10743405
Scores
CVSS v3
8.4
EPSS
0.0048
EPSS Percentile
38.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (6)
ibm/domino
9.0.0.0 if1 (4 CPE variants)
ibm/domino
9.0.1.10 if1 (4 CPE variants)
ibm/domino
9.0.1.0 - 9.0.1.10
ibm/notes
9.0.0.0 if1 (4 CPE variants)
ibm/notes
9.0.1.10 if1 (5 CPE variants)
ibm/notes
9.0.1.0 - 9.0.1.10
Published
Dec 20, 2018
Tracked Since
Feb 18, 2026