Info

Disclosure

Jul 13, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

IBM Lotus Notes contains several flaws related to the handling of Java applets. No further details have been provided.

Classification

Location: Location Unknown
Attack Type: Input Manipulation, Attack Type Unknown
Impact: Loss of Integrity, Impact Unknown
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Install the designated patch (SPR# KSPR62F4KN), as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: For current releases of Lotus Notes, Java applets can be disabled. To disable Java applets, select File -> Preferences -> User Preferences from the Notes client menu and uncheck the option for "Enable Java applets."

Products

International Business Machines Corporation	Lotus Notes	6.5.x
		6.0.x

References

Secunia Advisory ID: 12046
CVE ID: 2004-2280 (see also: NVD)
SCIP VulDB ID: 755
Related OSVDB ID: 8416 8417
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0114.html
Other Advisory URL: http://searchdomino.techtarget.com/originalContent/0,289142,sid4_gci992961,00.html
Vendor Specific Advisory URL: http://www-1.ibm.com/support/docview.wss?rs=475&context=SSKTWP&q1=Java&uid=swg21173910&loc=en_US&cs=utf-8&lang=en
Vendor URL: http://www-306.ibm.com/software/lotus/
Keyword: KSPR62F4KN

Credit

Jouko Pynnonen - joukoiki.fi - Personal Page

Direct URL: http://osvdb.org/8418

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

International Business Machines Corporation

Lotus Notes

References

Credit