Vulnerabilities > CVE-2000-1117 - Information Exposure Through Discrepancy vulnerability in IBM Lotus Notes R5

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ibm

CWE-203

NVD

Published: 2001-01-09

Updated: 2024-02-14

Summary

The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Lotus Notes R5	1

Common Weakness Enumeration (CWE)

CWE-203 - Information Exposure Through Discrepancy

References

http://www.securityfocus.com/bid/1994
http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html