NotCVE - vendor:"Ibm" product:"Sametime"

Page 8 of 68 results (0.002 seconds)

CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0

CVE-2013-3982 – IBM Lotus Sametime Version Enumeration

https://notcve.org/view.php?id=CVE-2013-3982

The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to obtain unspecified installation information and technical data via a request to a public page. Meeting Server en IBM Sametime 8.x hasta 8.5.2.1 y 9.x hasta 9.0.0.1 permite a atacantes remotos obtener información de instalación y datos técnicos no especificados a través de una solicitud hacia una página pública. • http://www-01.ibm.com/support/docview.wss?uid=swg21671201 https://exchange.xforce.ibmcloud.com/vulnerabilities/84908 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2014-3015

https://notcve.org/view.php?id=CVE-2014-3015

Cross-site request forgery (CSRF) vulnerability in the Web player in IBM Sametime Proxy Server and Web Client 9.0 through 9.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. Vulnerabilidad de CSRF en el reproductor Web en IBM Sametime Proxy Server y Web Client 9.0 hasta 9.0.0.1 permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios para solicitudes que insertan secuencias XSS. • http://www-01.ibm.com/support/docview.wss?uid=swg21673260 https://exchange.xforce.ibmcloud.com/vulnerabilities/93026 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 1.9EPSS: 0%CPEs: 7EXPL: 0

CVE-2014-0890

https://notcve.org/view.php?id=CVE-2014-0890

The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony.*.level setting is used, logs cleartext passwords during Audio/Video chat sessions, which allows local users to obtain sensitive information by reading a log file. El cliente Connect en IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0 y 9.0.0.1, cuando cierta configuración com.ibm.collaboration.realtime.telephony.*.level está habilitada, registra contraseñas en texto plano durante sesiones de chat de Audio/Vídeo, lo que permite a usuarios locales obtener información sensible mediante la lectura de un archivo de registro. • http://www-01.ibm.com/support/docview.wss?uid=swg21665658 https://exchange.xforce.ibmcloud.com/vulnerabilities/91282 • CWE-255: Credentials Management Errors •

CVSS: 3.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2013-6743

https://notcve.org/view.php?id=CVE-2013-6743

Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving an IMG element. Vulnerabilidad de XSS en Meeting Server en IBM Sametime 8.5.2 hasta 8.5.2.1 y 9.x hasta 9.0.0.1 permite a usuarios auntenticados remotos inyectar script Web o HTML arbitrarios a través de vectores que involucran un elemento IMG. • http://osvdb.org/103131 http://www-01.ibm.com/support/docview.wss?uid=swg21662928 https://exchange.xforce.ibmcloud.com/vulnerabilities/89859 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2013-3988

https://notcve.org/view.php?id=CVE-2013-3988

The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors. Meeting Server en IBM Sametime 8.5.2 hasta 8.5.2.1 y 9.x hasta 9.0.0.1 permite a atacantes remotos realizar ataques de clickjacking a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg21662928 https://exchange.xforce.ibmcloud.com/vulnerabilities/84973 • CWE-20: Improper Input Validation •

1...6 7 8 9 10