IBM Notes 8.x < 8.5.3 IF4 HF2 / 9.x < 9.0 IF2 Code Execution
Medium Nessus Plugin ID 66941
SynopsisThe remote host has software installed that is affected by a code execution vulnerability.
DescriptionThe remote host has a version of Lotus Notes 8.x earlier than 8.5.3 Fix Pack 4 Interim Fix 2 or 9.0 earlier than Interim Fix 2. As such, it is potentially affected by a code execution vulnerability. A flaw in the Multi-user Profile Cleanup Service enables an attacker to execute arbitrary code upon the next logon of a user.
SolutionUpgrade to IBM Notes 8.5.3 FP4 Interim Fix 2 / 9.0 Interim Fix 2 or later.