Published: 05/09/2017 Updated: 03/10/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

IBM Notes 8.5 and 9.0 is vulnerable to a denial of service. If a user is persuaded to click on a malicious link, it could cause the Notes client to hang and have to be restarted. IBM X-Force ID: 121370.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm inotes 8.5.2.1
ibm inotes 8.5.2.4
ibm inotes 8.5.3.0
ibm inotes 8.5.3.1
ibm inotes 8.5.1.1
ibm inotes 8.5.2.0
ibm inotes 8.5.3.6
ibm inotes 9.0.1.0
ibm inotes 9.0.1.8
ibm inotes 8.5.0.0
ibm inotes 8.5.1.0
ibm inotes 8.5.1.5
ibm inotes 9.0.0.0
ibm inotes 9.0.1.1
ibm expeditor 6.2.1
ibm expeditor 6.2.3
ibm expeditor 6.2.2

# Exploit Title: IBM Notes is affected by a denial of service vulnerability # Date: 31 August 2017 # Software Link: www-01ibmcom/support/docviewwss?uid=swg24037141 # Exploit Author: Dhiraj Mishra # Contact: twittercom/mishradhiraj_ # Website: datariftblogspotin/ # CVE: CVE-2017-1129 # Category: IBM Notes (Console Appli ...

## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Auxiliary include Msf::Exploit::Remote::HttpServer def initialize(info = {}) super( update_info( info, 'Name' => "IBM Notes encodeURI ...

IBM Notes versions 85x and 90x suffer from a denial of service vulnerability ...

IBM Notes versions 85 and 90 encodeURI denial of service exploit ...

NVD-CWE-noinfo https://exchange.xforce.ibmcloud.com/vulnerabilities/121370 http://www.ibm.com/support/docview.wss?uid=swg22002103 http://www.ibm.com/support/docview.wss?uid=swg21999385 https://www.exploit-db.com/exploits/42602/https://nvd.nist.gov https://www.exploit-db.com/exploits/42602/

CVE-2017-1129

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect