ARRAS, seit 938 N e w s 4 N o t e s
Home  |  Sitemap  |  Links    
.: News4Notes :: 07.09.2012 :: 11:28 :: Lotus Notes and Domino News :.
Security Bulletin: Aug-2012 IBM Lotus Domino Web Server Cross-Site Scripting Vulnerabilities (CVE-2012-3302, CVE-2012-3301)
Send link  |  Feedback  |  Print

« U T I L I T I E S »

RSS news 2.0
RSS validate
RSS tips 2.0
RSS validate
OPML domino
Find RSS
ND6 powered
DDN hosted
CAR designed
GEO url
open NTF
Lotus Geek

by IBM Lotus Support

A security researcher contacted IBM to report four security vulnerabilities in the IBM Lotus Domino HTTP server that permit cross site scripting. These vulnerabilities could allow remote attackers to steal cookie-based authentication credentials. While fixes for all four are planned for inclusion in Domino 8.5.4, workarounds exist for two in Domino servers 7.0 and later by enabling a single INI setting. As of 15 August 2012, IBM has not received any reports of customer issues related to these security vulnerabilities...
« Read the full article... »

.: News4Notes :: Lotus Notes and Domino News :: News4Notes :.
Daily technical Lotus Notes and Domino News at or as RSS feed at