IBM Notes on Windows could allow an attacker to execute arbitrary code on the system, caused by an error related to multiple untrusted search path.
CVE(s): CVE-2018-1437
Affected product(s) and affected version(s):
IBM Notes 9.0.1 to 9.0.1 FP10 IF1
IBM Notes 9.0 to 9.0 IF4
IBM Notes 8.5.3 to 8.5.3 FP6 IF15
IBM Notes 8.5.2 to 8.5.2 FP4 IF3
IBM Notes 8.5.1. to 8.5.1 FP5 IF3
IBM Notes 8.5 release
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22014201
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/139565
The post IBM Security Bulletin: IBM Notes Privilege Escalation in IBM Notes System Diagnostics service (CVE-2018-1437) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2GasRMQ
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.