CVE-2013-0537
https://notcve.org/view.php?id=CVE-2013-0537
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to spoof the origin of shared links by leveraging meeting-attendance privileges. Vulnerabilidad en Enterprise Meeting Server de IBM Lotus Sametime 8.5.2 y 8.5.2.1 permite a usuarios remotos autenticados falsificar el origen de enlaces compartidos mediante el aprovechamiento de privilegios meeting-attendance. • http://www-01.ibm.com/support/docview.wss?uid=swg21654355 https://exchange.xforce.ibmcloud.com/vulnerabilities/84840 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2013-3986 – IBM Lotus Sametime WebPlayer Denial of Service
https://notcve.org/view.php?id=CVE-2013-3986
IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote attackers to cause a denial of service (WebPlayer Firefox extension crash) via a crafted Audio Visual (AV) session. IBM Lotus Sametime 8.5.2 y 8.5.2.1 permite a atacantes remotos provocar una denegación de servicio (cierre de la extensión WebPlayer de Firefox) a través de una sesión Audio Visual (AV). • http://www-01.ibm.com/support/docview.wss?uid=swg21654041 https://exchange.xforce.ibmcloud.com/vulnerabilities/84969 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-4051
https://notcve.org/view.php?id=CVE-2013-4051
Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-4055. Vulnerabilidad de XSS en webadmin.nsf en Domino Web Administrator de IBM Domino 8.5 y 9..0 permite a usuarios remotos autenticados inyectar script web o HTML arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2013-4055. • http://www-01.ibm.com/support/docview.wss?uid=swg21652988 https://exchange.xforce.ibmcloud.com/vulnerabilities/86503 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-4050
https://notcve.org/view.php?id=CVE-2013-4050
Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. Vulnerabilidad CSRF en webadmin.nsf en Domino Web Administrator de IBM Domino 8.5 y 9.0 permite a usuarios remotos autenticados secuestrar la autenticación de víctimas sin especificar a través de vectores desconocidos. • http://www-01.ibm.com/support/docview.wss?uid=swg21652988 https://exchange.xforce.ibmcloud.com/vulnerabilities/86433 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2013-4055
https://notcve.org/view.php?id=CVE-2013-4055
Cross-site scripting (XSS) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-4051. Vulnerabilidad de XSS en webadmin.nsf en Domino Web Administrator de IBM Domino 8.5 y 9.0 permite a usuarios remotos autenticados inyectar script web o HTML arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2013-4051. • http://www-01.ibm.com/support/docview.wss?uid=swg21652988 https://exchange.xforce.ibmcloud.com/vulnerabilities/86544 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •