CVE-2008-0862 Information

Description

IBM Lotus Notes 6.0 6.5 7.0 and 8.0 signs an unsigned applet when a user forwards an email message to another user which allows user-assisted remote attackers to bypass Execution Control List (ECL) protection.

Reference

http://secunia.com/advisories/29031 http://www.vupen.com/english/advisories/2008/0600/references http://www-1.ibm.com/support/docview.wss?uid=swg21257250