Abstract:
IBM Lotus Notes and IBM Lotus Domino are vulnerable to four Java exploits where malicious agents, applets, or XPages applications can escalate privileges. These vulnerabilities are in the IBM Java SDK.
Content:
For information about the impact of this vulnerability on other affected IBM products, refer to this post on the Product Security Incident Reporting Team (PSIRT) blog.
VULNERABILITY DETAILS:
CVE IDs: CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823
Description:
There are a number of vulnerabilities in the IBM Java SDK versions that affect various components (ORB, XML and JMX). The vulnerabilities allow code running under a security manager to escalate its privileges by modifying or removing the security manager. Some of the issues need to be combined in sequence to achieve an exploit.
An attacker could persuade a user into running Java code from an untrusted, malicious source resulting in privilege escalation. The attacker must convince the Notes user to click on a malicious Notes:// URL which, in turn, runs a Java agent, applet or XPages application. The attack against the Domino server can be exploited only by an authenticated user with the rights to run LotusScript or Java agents on the server.
Affected Plattform: Lotus Notes 8.0.X, 8.5, 8.5.X, 8.5.3 FP3
Fix : 8.5.3 FP3 or security patch
Technote#1616652
