CVE-2012-4842
First published: Wed Feb 27 2013(Updated: )
Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Lotus Domino R5 | =8.5.0 | |
| IBM Lotus Domino R5 | =8.5.0.1 | |
| IBM Lotus Domino R5 | =8.5.1 | |
| IBM Lotus Domino R5 | =8.5.1.1 | |
| IBM Lotus Domino R5 | =8.5.1.2 | |
| IBM Lotus Domino R5 | =8.5.1.3 | |
| IBM Lotus Domino R5 | =8.5.1.4 | |
| IBM Lotus Domino R5 | =8.5.1.5 | |
| IBM Lotus Domino R5 | =8.5.2.0 | |
| IBM Lotus Domino R5 | =8.5.2.1 | |
| IBM Lotus Domino R5 | =8.5.2.2 | |
| IBM Lotus Domino R5 | =8.5.2.3 | |
| IBM Lotus Domino R5 | =8.5.2.4 | |
| IBM Lotus Domino R5 | =8.5.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-4842?
CVE-2012-4842 is classified as a medium severity vulnerability due to its potential for phishing attacks.
How do I fix CVE-2012-4842?
To fix CVE-2012-4842, update IBM Lotus Domino to the latest version where the vulnerability has been patched.
Which versions of IBM Lotus Domino are affected by CVE-2012-4842?
CVE-2012-4842 affects IBM Lotus Domino versions 8.5.0 through 8.5.3.
What type of attacks can be executed using CVE-2012-4842?
Attackers can use CVE-2012-4842 to conduct open redirect attacks, potentially leading to phishing scams.
Can CVE-2012-4842 be exploited remotely?
Yes, CVE-2012-4842 can be exploited remotely, allowing attackers to redirect users to malicious sites.
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm lotus domino
- version/ibm lotus domino/8.5.0
- version/ibm lotus domino/8.5.0.1
- version/ibm lotus domino/8.5.1
- version/ibm lotus domino/8.5.1.1
- version/ibm lotus domino/8.5.1.2
- version/ibm lotus domino/8.5.1.3
- version/ibm lotus domino/8.5.1.4
- version/ibm lotus domino/8.5.1.5
- version/ibm lotus domino/8.5.2.0
- version/ibm lotus domino/8.5.2.1
- version/ibm lotus domino/8.5.2.2
- version/ibm lotus domino/8.5.2.3
- version/ibm lotus domino/8.5.2.4
- version/ibm lotus domino/8.5.3.0