BM Security Bulletin: IBM Notes & Domino fixes for multiple vulnerabilities (CVE-2014-0892 and Oracle Java Critical Patch Updates for Oct 2013, Jan 2014)

Share this post:

This security bulletin details the fixes and/or workarounds for multiple vulnerabilities which have been addressed in the Notes and Domino 9.0.1 Fix Pack 1. Fixes are also planned for Notes and Domino 8.5.3 Fix Pack 6 Interim Fix 3.

CVE(s):CVE-2014-0892, CVE-2014-0368, CVE-2014-0428, CVE-2014-0424, CVE-2014-0423, CVE-2014-0422, CVE-2014-0418, CVE-2014-0417, CVE-2014-0416, CVE-2014-0415, CVE-2014-0411, CVE-2014-0410, CVE-2014-0403, CVE-2014-0387, CVE-2014-0376, CVE-2014-0375, CVE-2014-0373, CVE-2013-5910, CVE-2013-5907, CVE-2013-5904, CVE-2013-5902, CVE-2013-5899, CVE-2013-5898, CVE-2013-5896, CVE-2013-5893, CVE-2013-5889, CVE-2013-5888, CVE-2013-5887, CVE-2013-5884, CVE-2013-5878, CVE-2013-0408, CVE-2013-5851, CVE-2013-5850, CVE-2013-5849, CVE-2013-5848, CVE-2013-5843, CVE-2013-5842, CVE-2013-5840, CVE-2013-5838, CVE-2013-5832, CVE-2013-5831, CVE-2013-5830, CVE-2013-5829, CVE-2013-5825, CVE-2013-5824, CVE-2013-5823, CVE-2013-5820, CVE-2013-5819, CVE-2013-5818, CVE-2013-5817, CVE-2013-5814, CVE-2013-5812, CVE-2013-5809, CVE-2013-5806, CVE-2013-5805, CVE-2013-5804, CVE-2013-5803, CVE-2013-5802, CVE-2013-5801, CVE-2013-5800, CVE-2013-5797, CVE-2013-5790, CVE-2013-5789, CVE-2013-5788, CVE-2013-5787, CVE-2013-5784, CVE-2013-5783, CVE-2013-5782, CVE-2013-5780, CVE-2013-5778, CVE-2013-5776, CVE-2013-5774, CVE-2013-5772, CVE-2013-5458, CVE-2013-5457, CVE-2013-5456, CVE-2013-5375, CVE-2013-5372, CVE-2013-4041, CVE-2013-4002 and CVE-2013-3829

Affected product(s) and affected version(s):

Oracle Java Critical Patch Updates for October 2013 and January 2014

  • IBM Notes 9.0.1 and earlier
  • IBM Domino 9.0.1 Interim Fix 2 and earlier
  • IBM Notes and Domino 8.5.x
  • IBM Notes and Domino 8.0.x

IBM Notes and Domino Remote Execution Vulnerability* (CVE-2014-0892)
*Impacts Linux 32 platforms only

    • IBM Notes 9.0.1 and earlier
    • IBM Domino 9.0.1 Interim Fix 2 and earlier
    • IBM Notes and Domino 8.5.x

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg21670264
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/91284

More stories

IBM Product Security Incident Response

Acknowledgement

Feb 27, 2019 3:40 pm EDT

IBM acknowledges and thanks the security researchers and organizations listed below for reporting and working with us to resolve one or more security vulnerabilities in our products and services. Disclosures for 2019 Neil Kettle, (Trustwave) Steve Petz   Disclosures for 2018 Artem Metla Cody Wass, (NetSPI) David Azria, Alex Mor, (Ernst & Young, Hacktics Advanced ...read more


Potential Impact on Processors in the POWER Family

Aug 16, 2018 4:20 pm EDT

In January 2018, three security vulnerabilities were made public that allow unauthorized users to bypass the hardware barrier between applications and kernel memory. These vulnerabilities all make use of speculative execution to perform side-channel information disclosure attacks. The first two vulnerabilities, CVE-2017-5753 and CVE-2017- 5715, are collectively known as Spectre, and allow user-level code to ...read more


IBM Security Bulletin: Vulnerabilities in bind affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems

Nov 27, 2017 3:17 pm EDT | High Severity

IBM Chassis Management Module has addressed the following vulnerabilities in PHP. CVE(s): CVE-2017-3143, CVE-2017-3142 Affected product(s) and affected version(s): Product Affected Version IBM Integrated Management Module II (IMM2) for System x and Flex Systems 1AOO IBM Integrated Management Module II (IMM2) for BladeCenter Systems 1AOO Refer to the following reference URLs for remediation and additional ...read more