IBM Lotus Notes Mail Client Remote Code Execution Vulnerability

Last Update Date: 3 May 2013 11:37 Release Date: 3 May 2013 4250 Views

RISK: Medium Risk

Medium Risk

TYPE: Clients - Email Clients

TYPE: Email Clients

A vulnerability has been identified in IBM Lotus Notes, which can be exploited by remote user to cause Java applets to be executed on the target user's system. The mail client does not filter 'applet' and 'javascript' tags in HTML-based email messages. A remote user can send a specially crafted email message that, when loaded by the target user, will execute arbitrary Java code on the target system. The code will run with the privileges of the target user.

Impact

  • Remote Code Execution

System / Technologies affected

  • IBM Lotus Notes 8.0.x, 8.5.x, 9.0

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Novell iPrint Client Unspecified Buffer Overflow Vulnerability

3 May 2013 3972 Views

Next

Cisco Prime Central for Hosted Collaboration Solution Multiple Vulnerabilities

3 May 2013 4017 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY