PT-2008-2480 · IBM · IBM Lotus Notes
Published: 2008-02-21 · Updated: 2011-03-08 · CVE-2008-0862
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
IBM Lotus Notes versions 6.0 through 8.0
Description
IBM Lotus Notes signs an unsigned applet when a user forwards an email message that contains it, which allows remote attackers to bypass Execution Control List (ECL) protection. This occurs due to a flaw in how IBM Lotus Notes handles unsigned applets in forwarded email messages.
Recommendations
For versions 6.0 through 8.0, consider disabling the feature that signs unsigned applets when forwarding email messages as a temporary workaround until a patch is available. Restrict access to unsigned applets to minimize the risk of exploitation.
Fix
Weakness Enumeration
Related Identifiers
Affected Products
IBM Lotus Notes