IBM Lotus Notes/Domino Multiple Vulnerabilities

Last Update Date: 25 Mar 2013 11:27
Release Date: 25 Mar 2013

RISK: High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Multiple vulnerabilities have been identified in IBM Lotus Notes/Domino, which can be exploited by malicious users to disclose certain sensitive information, cause a DoS (Denial of Service) and compromise a vulnerable system.

 
IBM Lotus Notes
  1. The application bundles a vulnerable version of libpng.
  2. An unspecified error exists in the Autonomy KeyView File Parser for .mdb files, which can be exploited to cause a buffer overflow.
  3. The application bundles a vulnerable version of Autonomy KeyView IDOL.
IBM Lotus Domino
  1. An unspecified error can be exploited to disclose time-limited authentication credentials via the Domino Java Console and subsequently gain otherwise restricted access.
  2. An unspecified error in the HTTP server component can be exploited to cause a memory leak and subsequently crash the server.
  3. The application bundles a vulnerable version of Autonomy KeyView IDOL.

Impact

  • Denial of Service
  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • IBM Lotus Notes 8.x
  • IBM Lotus Domino 8.x

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

  • Upgrade to version 9.0 or update to version 8.5.3 Fix Pack 4 (April 2013)

Vulnerability Identifier


Source


Related Link