Lotus Notes Mail Recipient Information Disclosure Vulnerability

Lotus Notes is prone to an information-disclosure vulnerability.

The problem occurs because the 'SendTo/AltSendTo', 'CopyTo/AltCopyTo', and 'BlindCopyTo/AltBlindCopyTo' fields are not kept in sync when 'reply to all' is used.

This may result in unintended recipients receiving emails. This could result in the disclosure of sensitive information if an email containing sensitive or privileged information is sent to unintended readers.


Privacy Statement
Copyright 2010, SecurityFocus