Vulnerability Description
ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Lotus Inotes | 8.5.2.0 |
| Ibm | Lotus Notes | 8.0 |
| Ibm | Lotus Notes Traveler | 9.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21633827
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82658
- http://www-01.ibm.com/support/docview.wss?uid=swg21633827
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82658
FAQ
What is CVE-2013-0536?
CVE-2013-0536 is a vulnerability with a CVSS score of 7.2 (HIGH). ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arr...
How severe is CVE-2013-0536?
CVE-2013-0536 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-0536?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Inotes, Ibm Lotus Notes, Ibm Lotus Notes Traveler.