Security Vulnerabilities Reported with Java Applets

Technote (FAQ)


Question

Jouko Pynnonen has reported three potential vulnerabilities in the handling of Java applets in the Lotus Notes 6.0x and 6.5x clients to IBM Lotus.

Answer

These issues have been reported to Quality Engineering as SPR#s: KSPR5YS6GR, KSPR62F4D3 and KSPR62F4KN. SPR# KSPR62F4KN has been addressed in 6.5.3 and 6.0.5. SPR# KSPR5YS6GR and SPR# KSPR62F4D3 have been addressed in 6.5.4 and 6.0.5.

For previous releases of Lotus Notes, Java applets can be disabled. To disable Java applets, select File -> Preferences -> User Preferences from the Notes client menu and uncheck the option for "Enable Java applets."

Excerpt from the Lotus Notes and Domino Release 6.0.5 / 6.5.3 / 6.5.4 MR fix lists (available at http://www.ibm.com/developerworks/lotus):

  • SPR# KSPR62F4KN - Fixed a buffer overflow that caused Notes crash.
  • SPR# KSPR5YS6GR - Fixed a potential security issue.
  • SPR# KSPR62F4D3 - Fixed a potential security issue.


Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Lotus End of Support Products
Lotus Notes

Software version:

6.0, 6.5

Operating system(s):

Windows

Reference #:

1173910

Modified date:

2010-03-09

Translate my page

Machine Translation

Content navigation