Are IBM Lotus Notes, Domino and iNotes at risk from the Java 1.7 vulnerability described in Vulnerability Note VU#625617 - "Java 7 fails to restrict access to privileged code" (link below).
--> VU#625617 - Java 7 fails to restrict access to privileged code
No. IBM Quality Engineering has confirmed that Notes, Domino, and iNotes are not at risk from this vulnerability. The exploit is present only in Java 1.7 whereas all supported releases of Notes, Domino, and iNotes use Java 1.6 SR12 or earlier.
For related information, refer to the post titled "Oracle Java 7 Security Manager Bypass Vulnerability (CVE-2013-0422)" on the IBM Product Security Incident Response Team (PSIRT) blog.
|Messaging Applications||IBM iNotes||Security|
|Messaging Applications||IBM Domino||Security|
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.