Security Bulletin: IBM Lotus Expeditor Security Advisory and Security Update Pack (CVE-2008-7271, CVE-2010-4647, CVE-2012-0186, CVE-2012-0191, CVE-2012-0187)

Flash (Alert)


Abstract

IBM has identified a total of four vulnerabilities in IBM Lotus Expeditor. All four vulnerabilities are resolved by IBM Lotus Expeditor 6.2 FP5+Security Pack.

Content


VULNERABILITY DETAILS – Directory Traversal

    CVE ID: CVE-2012-0186

    DESCRIPTION: Specially-crafted URLs can be sent to the Eclipse Help component of IBM Lotus Expeditor to disclose the location of private resources (files). This issue can be tracked by SPR # SAKL7QQG28.

    CVSS:
    CVSS Base Score: 4.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/72096 for the current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)


VULNERABILITY DETAILS – Flawed Access Control Checks for Remote requests to Web Container
    CVE ID: CVE-2012-0191

    DESCRIPTION: Malicious users can spoof request headers sent to the Expeditor web container exploiting a flaw in access control checking to make it appear that the request came from localhost. This issue can be tracked as SPR# SAKL7QQG28 and MSTO89WRX8

    CVSS:
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/72156 for the current score
    CVSS Environmental Score*: Undefined
    CVSS String: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

VULNERABILITY DETAILS – Microsoft Windows Insecure Library Loading
    CVE ID: CVE-2012-0187

    DESCRIPTION: A vulnerability in IBM Lotus Expeditor caused by the Microsoft Windows Insecure Library Loading issue could allow remote code execution. Users clicking on a known file type from an untrusted and vulnerable location may inadvertently cause execution of untrusted code on their system. For more details please reference Microsoft Security Advisory 2269637. This issue can be tracked as SPR# DKLN8K7TEA, RAKA89HPF2, JKAE893E7R and RAKA899QV5.

    CVSS:
    CVSS Base Score: 9.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/72097 for the
    current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)


VULNERABILITY DETAILS – Multiple IBM Lotus Expeditor Cross-site Scripting issues
    CVE IDs: CVE-2008-7271, CVE-2010-4647

    DESCRIPTION: Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (i.e., the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or HTML. These issues can be tracked as SPR# SAKL7QQG28 and JCHC89R945.

    CVSS:
    CVSS Base Score: 4.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/64833 and http://xforce.iss.net/xforce/xfdb/64834 for the current scores
    CVSS Environmental Score*: Undefined
    CVSS String: (AV:R/AC:M/Au:N/C:N/I:P/A:N)

REMEDIATION:

The recommended solution is to apply the fix. To obtain this fix, Expeditor customers with access to Fix Central can download and apply IBM Lotus Expeditor 6.2 FP5 + Security Pack.


Fix:
http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm/Lotus&product=ibm/Lotus/Lotus+Expeditor&release=All&platform=All&function=fixId&fixids=XPD-6.2.0.0-Client-IFix2

Workaround:
None known, apply fixes.

Mitigation:
None known, apply fixes.


REFERENCES:
· Complete CVSS Guide
· On-line Calculator V2
· X-Force Vulnerability Database – Eclipse IDE searchWord cross-site scripting
· X-Force Vulnerability Database – Eclipse IDE query string cross-site scripting
· X-Force Vulnerability Database – Directory Traversal
· X-Force Vulnerability Database – Flawed Access Control Checks for Remote requests to Web Container
· X-Force Vulnerability Database – Microsoft Windows Insecure Library Loading
· CVE-2008-7271
· CVE-2010-4647
· CVE-2012-0186
· CVE-2012-0191
· CVE-2012-0187

RELATED INFORMATION:
· IBM Secure Engineering Web Portal
· IBM Product Security Incident Response Blog

CHANGE HISTORY:
· 21/06/2012: Initial publication.

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash.


Note: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.



    Cross reference information
    Segment Product Component Platform Version Edition
    Messaging Applications Lotus Notes 8.5.2, 8.5.1, 8.0.2
    Applications - Desktop & Enterprise Lotus Symphony 3.0
    Organizational Productivity- Portals & Collaboration IBM Sametime 8.5.2, 8.5.1, 8.0.2

Rate this page:

(0 users)Average rating

Document information


More support for:

Lotus Expeditor

Software version:

6.1.2, 6.2, 6.2.1, 6.2.2

Operating system(s):

Windows

Reference #:

1575642

Modified date:

2012-06-21

Translate my page

Machine Translation

Content navigation