Notes
CVE-2018-1409
HIGH
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138708.
AnalysisAI
IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138708. Affected products include: Ibm Notes, Ibm Client Application Access.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary
A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploited by an unauthentic
A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by a
A vulnerability in the input parameter handling of HCL Notes v9 could potentially be exploited by an authenticated attac
Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary c
Path traversal in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code. Rated high
Out-of-bounds write in applying connected information in Samsung Notes prior to version 4.4.21.62 allows local attackers
Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potenti
HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. Rated high s
HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. Rated high
HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. Rated high s
A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung N
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today