CVE-2018-1435

CWE-4263 documents3 sources
Severity
7.8HIGH
EPSS
1.0%
top 23.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Notes
Timeline
PublishedMar 14
Latest updateMay 13

Description

IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a user to double click a malicious executable in an attacker-controlled directory, which could result in code execution. IBM X-Force ID: 139563.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5ibm/notes11 versions+10
NVDibm/notes11 versions+10

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-cfv4-gmqg-xxm6: IBM Notes 82022-05-13
CVEList
CVE-2018-1435: IBM Notes 82018-03-14
CVE-2018-1435 (HIGH CVSS 7.8) | IBM Notes 8.5 and 9.0 is vulnerable | cvebase.io