TruSecure does not believe this vulnerability poses a significant threat to corporate users. Even though the database allows anonymous access by default, it is our understanding that these servers are accessed internally by trusted sources, or at least by legitimate accounts. TruSecure also believes the vulnerability compromises the Domino services, but not the server itself.
An exploit for this vulnerability does not appear to exist. However, sources state that arbitrary code can be executed in the context of the server.
Administrators are advised to apply the maintenance release from IBM.