Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:4C6CD66A579269BBC6A033367A5ED1B9
HistorySep 07, 2012 - 12:00 a.m.

IBM Lotus Notes URL Handler Command Execution

2012-09-0700:00:00
SAINT Corporation
download.saintcorporation.com
21

EPSS

0.965

Percentile

99.6%

JSON

Added: 09/07/2012
CVE: CVE-2012-2174
BID: 54070
OSVDB: 83063

Background

Lotus Notes is the client for Lotus Domino servers.

Problem

Lotus Notes 8.5.3 (and earlier) is vulnerable to remote code execution when handling a specially crafted URL. A remote attacker can pass the -RPARAMS command line argument to notes.exe, which then launches rpclauncher.exe. Also supplying the java -vm command allows the attacker to execute arbitrary code in the context of the notes.exe process.

Resolution

Apply the updates as described in the IBM Security Bulletin.

References

<http://www.zerodayinitiative.com/advisories/ZDI-12-154/&gt;

Limitations

This exploit has been tested against IBM Lotus Notes 8.5.3 FP1 on Microsoft Windows XP SP3 English (DEP OptIn) and Microsoft Windows 7 SP1 (DEP OptIn).

The user must open the HTML page using Internet Explorer 8 or 9 on the target.

The binary β€˜smbclient’ must be available to the script.

The target must be able to access the specified SMB share anonymously.

A valid login and password with write permission for the specified SMB share are required.

Platforms

Windows

Related

securityvulns 2
saint 3
zdt 1
d2 1
openvas 2
seebug 2
nessus 1
zdi 1
exploitdb 1
nvd 1
cvelist 1
metasploit 1
checkpoint_advisories 1
prion 1
cve 1
packetstorm 1
securityvulns
securityvulns
IBM Lotus Notes code execution
2012-08-27 00:00:00
ZDI-12-154 : IBM Lotus Notes URL Command Injection Remote Code Execution Vulnerability
2012-08-27 00:00:00
saint
saint
IBM Lotus Notes URL Handler Command Execution
2012-09-07 00:00:00
IBM Lotus Notes URL Handler Command Execution
2012-09-07 00:00:00
IBM Lotus Notes URL Handler Command Execution
2012-09-07 00:00:00
zdt
zdt
IBM Lotus Notes Client URL Handler Command Injection Vulnerability
2012-12-25 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_NOTESURL
2012-06-20 10:27:00
openvas
openvas
IBM Lotus Notes URL Command Injection RCE Vulnerability (Windows)
2013-01-23 00:00:00
IBM Lotus Notes URL Command Injection RCE Vulnerability - Windows
2013-01-23 00:00:00
seebug
seebug
IBM Lotus Notes 8.x &quot;notes&quot; URIε€„η†ε™¨ζΌζ΄ž
2012-06-23 00:00:00
IBM Lotus Notes Client URL Handler Command Injection
2012-12-25 00:00:00
nessus
nessus
IBM Lotus Notes < 8.5.3 FP2 URL Handler Unspecified Remote Code Execution
2012-08-10 00:00:00
zdi
zdi
IBM Lotus Notes URL Command Injection Remote Code Execution Vulnerability
2012-08-22 00:00:00
exploitdb
exploitdb
IBM Lotus Notes Client URL Handler - Command Injection (Metasploit)
2012-12-25 00:00:00
nvd
nvd
CVE-2012-2174
2012-06-20 10:27:28
cvelist
cvelist
CVE-2012-2174
2012-06-20 10:00:00
metasploit
metasploit
IBM Lotus Notes Client URL Handler Command Injection
2012-12-24 15:23:19
checkpoint_advisories
checkpoint_advisories
IBM Lotus Notes URL Handler Command Execution (CVE-2012-2174)
2012-10-14 00:00:00
prion
prion
Code injection
2012-06-20 10:27:00
cve
cve
CVE-2012-2174
2012-06-20 10:27:28
packetstorm
packetstorm
IBM Lotus Notes Client URL Handler Command Injection
2012-12-24 00:00:00

EPSS

0.965

Percentile

99.6%

JSON
Related for SAINT:4C6CD66A579269BBC6A033367A5ED1B9
securityvulns2saint3zdt1d21openvas2seebug2nessus1zdi1exploitdb1nvd1cvelist1metasploit1checkpoint_advisories1prion1cve1packetstorm1