PT-2016-4136 · IBM · IBM Domino

Published: 2016-06-29 · Updated: 2019-10-16 · CVE-2016-0304

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

IBM Domino versions 8.5.x through 8.5.3 FP6 IF12 and versions 9.x through 9.0.1 FP5

Description

The Java Console in IBM Domino, when used with a certain unsupported configuration involving UNC share pathnames, allows remote attackers to bypass authentication and possibly execute arbitrary code. This issue exists due to an incomplete fix for a previous security flaw.

Recommendations

For IBM Domino versions 8.5.x through 8.5.3 FP6 IF12, update to version 8.5.3 FP6 IF13 or later. For IBM Domino versions 9.x through 9.0.1 FP5, update to version 9.0.1 FP6 or later.

Fix

Improper Access Control

Weakness Enumeration

Related Identifiers

CVE-2016-0304

Affected Products

IBM Domino