IBM Support

Notes, Domino & iNotes are NOT at risk from vulnerability described in VU#625617 - "Java 7 fails to restrict access to privileged code"



Are IBM Lotus Notes, Domino and iNotes at risk from the Java 1.7 vulnerability described in Vulnerability Note VU#625617 - "Java 7 fails to restrict access to privileged code" (link below).


--> VU#625617 - Java 7 fails to restrict access to privileged code

No. IBM Quality Engineering has confirmed that Notes, Domino, and iNotes are not at risk from this vulnerability. The exploit is present only in Java 1.7 whereas all supported releases of Notes, Domino, and iNotes use Java 1.6 SR12 or earlier.

For related information, refer to the post titled "Oracle Java 7 Security Manager Bypass Vulnerability (CVE-2013-0422)" on the IBM Product Security Incident Response Team (PSIRT) blog.

Related information

CERT Vulnerability Listings
How is IBM Sametime impacted by the "Oracle Java 7 Secu

Cross reference information
Segment Product Component Platform Version Edition
Messaging Applications IBM iNotes Security
Messaging Applications IBM Domino Security

Document information

More support for: IBM Notes

Software version: 8.0, 8.5

Operating system(s): Linux, OS X, Windows, iOS

Reference #: 1622314

Modified date: 14 January 2013