26 matches found
CVE-2000-1117
CVE-2000-1117 affects the Lotus Notes Client R5. The JVM’s Extended Control List (ECL) feature enables a timing side channel via getSystemResource to infer whether a local file exists, by comparing dialog timing when a Java applet accesses local files. An attacker using a malicious applet in the ...
CVE-2000-1117
The Extended Control List ECL feature of the Java Virtual Machine JVM in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method...
Дырка в виртуальной машине Java клиента Lotus Notes
Дырка в виртулаьной машине позволяет проверять наличие файла на клиентской машине...
Security Hole in ECL Feature of Java VM Embedded in Lotus Notes Client R5
========================================================================= Security Hole in ECL Feature of Java VM Embedded in Lotus Notes Client R5 http://java-house.etl.go.jp/ml/archive/j-h-b/038904.html ========================================================================= The security hole...
Lotus Notes Client R5 File Existence Verification Vulnerability
Description Lotus Notes Client R5 is a messaging and collaboration tool that contains a built in web browser. The web browser implements a Java Virtual Machine VM designed specifically for Lotus Notes. A security vulnerability exists in the Execution Control List ECL feature within the Java VM th...
domino-notes.txt
''''''''''''''''''''''''''''''''''''' L0pht Security Advisory URL Origin: http://www.l0pht.com/advisories.html Release Date: July 31, 1998 Application: Notes 4.6+ Client Operating Sys: Any Severity: Users can overwrite/create system files Author: nny Patch Status: Lotus has been made aware of thi...