IBM Notes 8.0.x / 8.5.x / 9.0.x with IBM Java < 1.6 SR15 FP1 Multiple Vulnerabilities

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote host has software installed that is affected by multiple
vulnerabilities.

Description :

The remote host has a version of IBM Notes (formerly Lotus Notes)
8.0.x / 8.5.x / 9.0.x that is bundled with an IBM Java version prior
to 1.6 SR15 FP1. It is, therefore, affected by the vulnerabilities
mentioned in the Oracle Java Critical Patch Update advisories for
October 2013 and January 2014.

See also :

http://www-01.ibm.com/support/docview.wss?uid=swg21670264
http://www.nessus.org/u?77cf0990
http://www.nessus.org/u?ffc42f0b
http://www.nessus.org/u?ac29c174
http://www.nessus.org/u?17c46362

Solution :

Upgrade to IBM Notes 9.0.1 FP 1 or later. Alternatively, apply the
JVM patch per the vendor advisory.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 73970 ()

Bugtraq ID: 61310
63082
63089
63095
63098
63101
63102
63103
63106
63110
63111
63112
63115
63118
63120
63121
63122
63124
63126
63128
63129
63131
63133
63134
63135
63137
63139
63141
63142
63143
63145
63146
63147
63148
63149
63150
63151
63152
63153
63154
63155
63156
63157
63158
63224
63618
63619
63620
63621
63622
64863
64875
64882
64890
64894
64899
64907
64912
64914
64915
64916
64917
64918
64919
64920
64921
64922
64923
64924
64925
64926
64927
64928
64930
64931
64932
64933
64935
64937

CVE ID: CVE-2013-0408
CVE-2013-3829
CVE-2013-4002
CVE-2013-4041
CVE-2013-5372
CVE-2013-5375
CVE-2013-5456
CVE-2013-5457
CVE-2013-5458
CVE-2013-5772
CVE-2013-5774
CVE-2013-5776
CVE-2013-5778
CVE-2013-5780
CVE-2013-5782
CVE-2013-5783
CVE-2013-5784
CVE-2013-5787
CVE-2013-5788
CVE-2013-5789
CVE-2013-5790
CVE-2013-5797
CVE-2013-5800
CVE-2013-5801
CVE-2013-5802
CVE-2013-5803
CVE-2013-5804
CVE-2013-5805
CVE-2013-5806
CVE-2013-5809
CVE-2013-5812
CVE-2013-5814
CVE-2013-5817
CVE-2013-5818
CVE-2013-5819
CVE-2013-5820
CVE-2013-5823
CVE-2013-5824
CVE-2013-5825
CVE-2013-5829
CVE-2013-5830
CVE-2013-5831
CVE-2013-5832
CVE-2013-5838
CVE-2013-5840
CVE-2013-5842
CVE-2013-5843
CVE-2013-5848
CVE-2013-5849
CVE-2013-5850
CVE-2013-5851
CVE-2013-5878
CVE-2013-5884
CVE-2013-5887
CVE-2013-5888
CVE-2013-5889
CVE-2013-5893
CVE-2013-5896
CVE-2013-5898
CVE-2013-5899
CVE-2013-5902
CVE-2013-5904
CVE-2013-5907
CVE-2013-5910
CVE-2014-0368
CVE-2014-0373
CVE-2014-0375
CVE-2014-0376
CVE-2014-0387
CVE-2014-0403
CVE-2014-0410
CVE-2014-0411
CVE-2014-0415
CVE-2014-0416
CVE-2014-0417
CVE-2014-0418
CVE-2014-0422
CVE-2014-0423
CVE-2014-0424
CVE-2014-0428

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now