Jouko Pynnonen has reported three potential vulnerabilities in the handling of Java applets in the Lotus Notes 6.0x and 6.5x clients to IBM Lotus.
These issues have been reported to Quality Engineering as SPR#s: KSPR5YS6GR, KSPR62F4D3 and KSPR62F4KN. SPR# KSPR62F4KN has been addressed in 6.5.3 and 6.0.5. SPR# KSPR5YS6GR and SPR# KSPR62F4D3 have been addressed in 6.5.4 and 6.0.5.
For previous releases of Lotus Notes, Java applets can be disabled. To disable Java applets, select File -> Preferences -> User Preferences from the Notes client menu and uncheck the option for "Enable Java applets."
Excerpt from the Lotus Notes and Domino Release 6.0.5 / 6.5.3 / 6.5.4 MR fix lists (available at http://www.ibm.com/developerworks/lotus):
- SPR# KSPR62F4KN - Fixed a buffer overflow that caused Notes crash.
- SPR# KSPR5YS6GR - Fixed a potential security issue.
- SPR# KSPR62F4D3 - Fixed a potential security issue.
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.