PT-2001-2589 · Ibm · Lotus Notes R5 Client

Published

2001-12-31

Updated

2017-07-11

CVE-2001-1504

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Lotus Notes R5 Client version 4.6

Description The issue allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event. This code is automatically executed when the user processes the e-mail message.

Recommendations For Lotus Notes R5 Client version 4.6, consider disabling the automatic execution of events in e-mail messages until a fix is available. Restrict access to potentially malicious Lotus Notes objects to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1504

Affected Products

Lotus Notes R5 Client

PT-2001-2589 · Ibm · Lotus Notes R5 Client

CVE-2001-1504

Related Identifiers

Affected Products

References · 6