PT-2013-2412 · Ibm · Ibm Inotes
Published
2013-06-21
·
Updated
2017-08-29
·
CVE-2013-0536
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM Notes versions 8.0 through 8.0.2
IBM Notes versions 8.5 through 8.5.3 before FP5
IBM Notes version 9.0 before IF2
Description
The issue allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user. This is related to the ntmulti.exe in the Multi User Profile Cleanup service.
Recommendations
For IBM Notes versions 8.0 through 8.0.2, update to a version outside of this range to resolve the issue.
For IBM Notes versions 8.5 through 8.5.3, apply FP5 or later to resolve the issue.
For IBM Notes version 9.0 before IF2, apply IF2 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Inotes