Skip to main content

Lotus Sametime

9 CVEs product

Monthly

CVE-2013-3985 LOW Monitor

The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict application cookies, which allows remote attackers to read session variables by leveraging a weak. Rated low severity (CVSS 2.9). No vendor patch available.

Privilege Escalation IBM Lotus Sametime
NVD
CVSS 2.0
2.9
EPSS
0.1%
CVE-2013-3045 LOW Monitor

The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to share crafted links via the Library function. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Lotus Sametime
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-3044 LOW Monitor

The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to spoof the origin of chat messages, or compose anonymous chat messages, by leveraging. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation IBM Lotus Sametime
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-0537 LOW Monitor

The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to spoof the origin of shared links by leveraging meeting-attendance privileges. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation IBM Lotus Sametime
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-3986 MEDIUM POC THREAT This Month

IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote attackers to cause a denial of service (WebPlayer Firefox extension crash) via a crafted Audio Visual (AV) session. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 39.2%.

Buffer Overflow Denial Of Service Mozilla IBM Lotus Sametime
NVD
CVSS 2.0
4.3
EPSS
39.2%
CVE-2013-0534 LOW Monitor

The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitive information by leveraging. Rated low severity (CVSS 1.9). No vendor patch available.

IBM Authentication Bypass Lotus Sametime Sametime
NVD
CVSS 2.0
1.9
EPSS
0.1%
CVE-2013-0535 LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allow remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Classic Meeting Server Lotus Sametime
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-0553 LOW Monitor

The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Lotus Sametime Sametime
NVD
CVSS 2.0
3.5
EPSS
0.1%
CVE-2013-0533 LOW Monitor

Cross-site scripting (XSS) vulnerability in the Sametime Links server in IBM Sametime 8.0.2 through 8.5.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Sametime
NVD
CVSS 2.0
3.5
EPSS
0.1%
EPSS 0% CVSS 2.9
LOW Monitor

The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict application cookies, which allows remote attackers to read session variables by leveraging a weak. Rated low severity (CVSS 2.9). No vendor patch available.

Privilege Escalation IBM Lotus Sametime
NVD
EPSS 0% CVSS 3.5
LOW Monitor

The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to share crafted links via the Library function. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Lotus Sametime
NVD
EPSS 0% CVSS 3.5
LOW Monitor

The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to spoof the origin of chat messages, or compose anonymous chat messages, by leveraging. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation IBM Lotus Sametime
NVD
EPSS 0% CVSS 3.5
LOW Monitor

The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to spoof the origin of shared links by leveraging meeting-attendance privileges. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation IBM Lotus Sametime
NVD
EPSS 39% CVSS 4.3
MEDIUM POC THREAT This Month

IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote attackers to cause a denial of service (WebPlayer Firefox extension crash) via a crafted Audio Visual (AV) session. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 39.2%.

Buffer Overflow Denial Of Service Mozilla +2
NVD
EPSS 0% CVSS 1.9
LOW Monitor

The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitive information by leveraging. Rated low severity (CVSS 1.9). No vendor patch available.

IBM Authentication Bypass Lotus Sametime +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allow remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Classic Meeting Server +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Lotus Sametime +1
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in the Sametime Links server in IBM Sametime 8.0.2 through 8.5.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Sametime
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy