Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:ibm:sametime:8.5.2.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-3978 |
The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not send the appropriate HTTP response headers to prevent unwanted caching by a web browser, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation. Published: February 14, 2014; 8:10:48 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2013-6727 |
The Connect client in IBM Sametime 8.5.2 through 8.5.2.1 and 9.0 before HF1 does not properly restrict unsigned Java plugins, which allows remote attackers to obtain sensitive information via unspecified vectors. Published: January 31, 2014; 1:15:52 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2013-6733 |
Cross-site scripting (XSS) vulnerability in the Web Application in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: December 17, 2013; 10:21:28 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2013-0534 |
The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitive information by leveraging the persistence of cleartext password strings within process memory. Published: June 21, 2013; 10:55:01 AM -0400 |
V3.x:(not available) V2.0: 1.9 LOW |
CVE-2013-0553 |
The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote authenticated users to send commands to individual chat users, or to all participants in a chat room, via a crafted Sametime Instant Message (IM). Published: April 27, 2013; 11:24:14 PM -0400 |
V3.x:(not available) V2.0: 3.5 LOW |
CVE-2012-3308 |
Cross-site scripting (XSS) vulnerability in IBM Sametime 8.0.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via an IM chat. Published: August 17, 2012; 6:31:52 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |