Security Bulletin: IBM Notes may fail to zero the plaintext password within memory (CVE-2013-0534)
IBM PSIRT 270004PFE3 firstname.lastname@example.org |
0 Comments | 477 Visits
In some scenarios, IBM Notes may fail to zero the plaintext password within memory, leaving the plaintext password accessible to an attacker with the ability to access memory on the user's local workstation.
CVE ID: CVE-2013-0534
IBM Notes 9.0, 8.5.x.
Refer to the following reference URLs for remediation and additional vulnerability details.
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21636154