Vulnerability CVE-2013-0536
Published: 2013-06-21

Description:
ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24.

Type:

CWE-264

 (Permissions, Privileges, and Access Controls)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
IBM -> Lotus inotes 
IBM -> Lotus notes 
IBM -> Lotus notes traveler 

 References:
http://xforce.iss.net/xforce/xfdb/82658
http://www-01.ibm.com/support/docview.wss?uid=swg21633827
Copyright 2024, cxsecurity.com

 

Back to Top