IBM Notes / Domino Java Multiple Vulnerabilities
RISK: High Risk
TYPE: Clients - Productivity Products
Multiple vulnerabilities have been identified in IBM Notes and Domino. Malicious local users can exploit them to disclose certain sensitive data, manipulate certain data, and gain escalated privileges. Malicious people can exploit them to conduct spoofing attacks, disclose certain sensitive information, manipulate certain data, bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system.
The vulnerabilities are caused by the applications bundling a vulnerable version of Java.
Impact
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
- Spoofing
System / Technologies affected
- IBM Lotus Domino 8.x
- IBM Domino (formerly IBM Lotus Domino) 9.x
- IBM Lotus Notes 8.x
- IBM Notes (formerly IBM Lotus Notes) 9.x
Solutions
Before installing the software, please visit the software manufacturer's website for more details.
- Apply fix (8.5.3 Fix Pack 5).
The same fix is planned for release 9.0.1.
http://www.lotus.com/ldd/fixlist.nsf/Progress/$first?opendocument
http://www-01.ibm.com/support/docview.wss?uid=swg21644918
Vulnerability Identifier
- CVE-2012-1541
- CVE-2012-3213
- CVE-2012-3342
- CVE-2013-0351
- CVE-2013-0401
- CVE-2013-0402
- CVE-2013-0409
- CVE-2013-0419
- CVE-2013-0423
- CVE-2013-0424
- CVE-2013-0425
- CVE-2013-0426
- CVE-2013-0427
- CVE-2013-0428
- CVE-2013-0429
- CVE-2013-0430
- CVE-2013-0431
- CVE-2013-0432
- CVE-2013-0433
- CVE-2013-0434
- CVE-2013-0435
- CVE-2013-0437
- CVE-2013-0438
- CVE-2013-0440
- CVE-2013-0441
- CVE-2013-0442
- CVE-2013-0443
- CVE-2013-0444
- CVE-2013-0445
- CVE-2013-0446
- CVE-2013-0448
- CVE-2013-0449
- CVE-2013-0450
- CVE-2013-0809
- CVE-2013-1473
- CVE-2013-1475
- CVE-2013-1476
- CVE-2013-1478
- CVE-2013-1479
- CVE-2013-1480
- CVE-2013-1481
- CVE-2013-1488
- CVE-2013-1489
- CVE-2013-1491
- CVE-2013-1493
- CVE-2013-1500
- CVE-2013-1518
- CVE-2013-1537
- CVE-2013-1540
- CVE-2013-1557
- CVE-2013-1558
- CVE-2013-1561
- CVE-2013-1563
- CVE-2013-1564
- CVE-2013-1569
- CVE-2013-1571
- CVE-2013-2383
- CVE-2013-2384
- CVE-2013-2394
- CVE-2013-2400
- CVE-2013-2407
- CVE-2013-2412
- CVE-2013-2414
- CVE-2013-2415
- CVE-2013-2416
- CVE-2013-2417
- CVE-2013-2418
- CVE-2013-2419
- CVE-2013-2420
- CVE-2013-2421
- CVE-2013-2422
- CVE-2013-2423
- CVE-2013-2424
- CVE-2013-2425
- CVE-2013-2426
- CVE-2013-2427
- CVE-2013-2428
- CVE-2013-2429
- CVE-2013-2430
- CVE-2013-2431
- CVE-2013-2432
- CVE-2013-2433
- CVE-2013-2434
- CVE-2013-2435
- CVE-2013-2436
- CVE-2013-2437
- CVE-2013-2438
- CVE-2013-2439
- CVE-2013-2440
- CVE-2013-2442
- CVE-2013-2443
- CVE-2013-2444
- CVE-2013-2445
- CVE-2013-2446
- CVE-2013-2447
- CVE-2013-2448
- CVE-2013-2449
- CVE-2013-2450
- CVE-2013-2451
- CVE-2013-2452
- CVE-2013-2453
- CVE-2013-2454
- CVE-2013-2455
- CVE-2013-2456
- CVE-2013-2457
- CVE-2013-2458
- CVE-2013-2459
- CVE-2013-2460
- CVE-2013-2461
- CVE-2013-2462
- CVE-2013-2463
- CVE-2013-2464
- CVE-2013-2465
- CVE-2013-2466
- CVE-2013-2467
- CVE-2013-2468
- CVE-2013-2469
- CVE-2013-2470
- CVE-2013-2471
- CVE-2013-2472
- CVE-2013-2473
- CVE-2013-3006
- CVE-2013-3007
- CVE-2013-3008
- CVE-2013-3009
- CVE-2013-3010
- CVE-2013-3011
- CVE-2013-3012
- CVE-2013-3743
- CVE-2013-3744
- CVE-2013-4002