Lotus Software Affected

Notified:  April 06, 2001 Updated: March 26, 2003



Vendor Statement

Lotus reproduced the problem as reported by OUSPG and documented it in SPR#DWUU4W6NC8. Lotus responded quickly to resolve the problem in a maintenance update to Domino. It was addressed in Domino R5.0.7a, which was released on May 18th, 2001. This release can be downloaded from Notes.net at http://www.notes.net/qmrdown.nsf/qmrwelcome. The fix is documented in the fix list at http://www.notes.net/r5fixlist.nsf/Search!SearchView&Query=DWUU4W6NC8

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.


Researchers at Rapid 7, Inc. have determined that this vulnerability affects several pre-release and beta versions of Lotus Domino R6. For additional information, please see http://www.rapid7.com/advisories/R7-0012.html