In association with heise online

26 July 2012, 12:53

IBM closes holes in mail filters and WebSphere MQ

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

IBM logo

IBM has patched two security flaws in the mail filters of Lotus Protector for Mail Security and Proventia Network Mail Security that affect all versions of these products. A cross-site scripting vulnerability allows an attacker to inject JavaScript code into the browser of an administrator with an active session on the system. The other vulnerability allows administrators to gain access to files on a server that they should not have access to.

Both vulnerabilities have been patched for versions 2.5.x, 2.8.x and later of the affected products. Users with older versions of the software must upgrade to version 2.5.x before they can install the patch.

IBM has also patched a flaw in version 7.1 of its WebSphere MQ communication platform. The vulnerability allows users to access the queue manager even if they are not allowed to do so. This problem has been fixed in Fix Pack for WebSphere MQ.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit