Description
The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.
References (2)
Core 2
Core References
Broken Link mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-11/0341.html
Broken Link, Exploit, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1994
Scores
EPSS
0.0289
EPSS Percentile
85.1%
Details
CWE
CWE-203
Status
published
Products (1)
ibm/lotus_notes
r5
Published
Jan 09, 2001
Tracked Since
Feb 18, 2026