Security Bulletin: IBM Notes Multi User Profile Cleanup service enables an attacker to execute arbitrary code on the next logon of a user (CVE-2013-0536)
An attacker on a multi-user system is able to target other users by executing code with the rights of the user.
CVE ID: CVE-2013-0536
IBM Notes Multi User Profile Cleanup service enables an attacker to execute arbitrary code on the next logon of a user.
CVSS Base Score: 6.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/82658 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C)
IBM Notes 9.0, 8.5.x, 8.0.x.
This issue is being tracked as SPR# PJOK959J24. The fix is included in Interim Fix 2 for Notes 9.0 and Interim Fix 2 for Notes 8.5.3 Fix Pack 4 (technote 1639571). The fix will also be included in Notes 8.5.3 Fix Pack 5 (refer to the Notes/Domino Fix List to monitor Fix Pack availability status).
Disable the ntmulti.exe service on the client workstation. Disabling this service will adversely affect only roaming users who are set up for roaming user clean-up. The roaming user clean-up may not be complete after disabling the service.
Complete CVSS Guide
On-line Calculator V2
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
This vulnerability was reported to IBM by Markus Pieton of it.sec GmbH & Co. KG.
|Messaging Applications||IBM Domino||Windows||9.0, 8.5.3, 8.5.2, 8.5.1, 8.5, 8.0.2, 8.0.1, 8.0|
More support for:
Software version: 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, 9.0
Operating system(s): Windows
Reference #: 1633827
Modified date: 12 June 2013