Skip to main content

IBM Lotus Expeditor Multiple Vulnerabilities

Last Update Date: 25 Jun 2012 11:26 Release Date: 25 Jun 2012 5421 Views

RISK: High Risk

TYPE: Clients - Email Clients

TYPE: Email Clients

Multiple vulnerabilities have been identified in IBM Lotus Expeditor, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.

  1. Input passed to unspecified parameters within the Eclipse help component is not properly verified before being used to read files. This can be exploited to disclose arbitrary files from local resources via directory traversal attacks.
  2. An error in the Web Container within the access control mechanism when processing unspecified request headers can be exploited to spoof a header making it appear to be originating from a trusted location (e.g. localhost).
  3. The application loads unspecified libraries in an insecure manner and can be exploited to load arbitrary libraries by tricking a user into e.g. opening an unspecified file located on a remote WebDAV or SMB share.
  4. Some cross-site scripting vulnerabilities exist within the bundled Eclipse Help Server.
  5. Input passed via the "searchWord" parameter to searchView.jsp and the "workingSet" parameter to workingSetManager.jsp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of the bundled Help Server site.

Impact

  • Cross-Site Scripting
  • Denial of Service
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • IBM Lotus Expeditor 6.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 6.2 FP5 (Fix Pack 5) + Security Pack 。

Vulnerability Identifier


Source


Related Link