Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe

Filtered by product Sametime

Total 46 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2013-3975	1 Ibm	1 Sametime	2017-08-29	5.0 MEDIUM	N/A
Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to discover user names, full names, and e-mail addresses via a search.
CVE-2013-3046	1 Ibm	1 Sametime	2017-08-29	4.3 MEDIUM	N/A
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not send the HSTS Strict-Transport-Security header, which makes it easier for man-in-the-middle attackers to hijack sessions or obtain sensitive information by leveraging the presence of HTTP requests.
CVE-2013-0553	1 Ibm	2 Lotus Sametime, Sametime	2017-08-29	3.5 LOW	N/A
The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client, Sametime Advanced Connect client, Sametime Advanced Web client, and other products, allows remote authenticated users to send commands to individual chat users, or to all participants in a chat room, via a crafted Sametime Instant Message (IM).
CVE-2013-0534	1 Ibm	2 Lotus Sametime, Sametime	2017-08-29	1.9 LOW	N/A
The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitive information by leveraging the persistence of cleartext password strings within process memory.
CVE-2012-3308	1 Ibm	1 Sametime	2017-08-29	4.3 MEDIUM	N/A
Cross-site scripting (XSS) vulnerability in IBM Sametime 8.0.2 through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via an IM chat.
CVE-2014-4747	1 Ibm	1 Sametime	2017-01-07	2.1 LOW	N/A
The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML source code within a victim's browser.