IBM Notes and Domino CVE-2018-1771 DLL Loading Local Privilege Escalation Vulnerability
BID:106309
Info
IBM Notes and Domino CVE-2018-1771 DLL Loading Local Privilege Escalation Vulnerability
| Bugtraq ID: | 106309 |
| Class: | Design Error |
| CVE: |
CVE-2018-1771 |
| Remote: | No |
| Local: | Yes |
| Published: | Nov 30 2018 12:00AM |
| Updated: | Nov 30 2018 12:00AM |
| Credit: | Lasse Trolle Borup of Langkjaer Cyber Defence |
| Vulnerable: |
IBM iNotes 9.0.1 FP8 IF3 IBM iNotes 9.0.1 FP8 IF2 IBM iNotes 9.0.1 FP10 IF5 IBM iNotes 9.0.1 Fix Pack 9 IBM iNotes 9.0.1 Fix Pack 8 IBM iNotes 9.0.1 Fix Pack 7 IBM iNotes 9.0.1 IBM iNotes 9.0 IF4 IBM iNotes 9.0 IBM Domino 9.0.1 FP10 IF4 IBM Domino 9.0.1 FP 6 IBM Domino 9.0.1 FP 5 IBM Domino 9.0.1 FP 4 IF 3 IBM Domino 9.0.1 FP 4 IF 2 IBM Domino 9.0.1 FP 4 IBM Domino 9.0.1 FP 3 IF 2 IBM Domino 9.0.1 FP 3 IBM Domino 9.0.1 FP 2 IF 3 IBM Domino 9.0.1 FP 2 IF 2 IBM Domino 9.0.1 FP 2 IF 1 IBM Domino 9.0.1 Fix Pack 3 IF 3 IBM Domino 9.0.1 Fix Pack 3 IBM Domino 9.0.1 Fix Pack 2 Interim F IBM Domino 9.0.1 Feature Pack 8 IF 1 IBM Domino 9.0.1 FP 7 IBM Domino 9.0.1 FP 6 IF 3 IBM Domino 9.0.1 FP 6 IF 1 IBM Domino 9.0.1 IBM Domino 9.0 IF 4 IBM Domino 9.0 |
| Not Vulnerable: |
IBM iNotes 9.0.1 FP10 IF6 IBM Domino 9.0.1 FP10 IF5 |
Discussion
IBM Notes and Domino CVE-2018-1771 DLL Loading Local Privilege Escalation Vulnerability
IBM Notes and Domino are prone to a local privilege-escalation vulnerability.
A local attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition.
The following versions and products are vulnerable:
IBM Domino 9.0.1 through 9.0.1 FP10 IF4
IBM Domino 9.0 through 9.0 IF4
IBM Notes 9.0.1 through 9.0.1 FP10 IF5
IBM Notes 9.0 through 9.0 IF4
IBM Notes and Domino are prone to a local privilege-escalation vulnerability.
A local attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition.
The following versions and products are vulnerable:
IBM Domino 9.0.1 through 9.0.1 FP10 IF4
IBM Domino 9.0 through 9.0 IF4
IBM Notes 9.0.1 through 9.0.1 FP10 IF5
IBM Notes 9.0 through 9.0 IF4
Solution / Fix
IBM Notes and Domino CVE-2018-1771 DLL Loading Local Privilege Escalation Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.