Privilege Escalation Vulnerability in IBM Notes Multi User Profile Cleanup Service
CVE-2013-0536

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Inotes; Lotus Notes; Lotus Notes Traveler
Vendor: CVE Published:; 21 June 2013

Summary

The Multi User Profile Cleanup service in IBM Notes contains a vulnerability that allows local users to escalate their privileges. This can be exploited by arranging for malicious code to execute during the subsequent login session of another user. Affected versions include IBM Notes 8.0 through 8.5.3 prior to FP5 and IBM Notes 9.0 prior to IF2. It is crucial for users to apply available patches to mitigate this security risk.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82658

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21633827

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 21, 2013
Vulnerability Reserved
Dec 16, 2012