Filtered by vendor Ibm
Subscriptions
Filtered by product Sametime
Subscriptions
Total
46 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-4747 | 1 Ibm | 1 Sametime | 2024-08-06 | N/A |
The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate attackers to discover a meeting password hash by leveraging access to an unattended workstation to read HTML source code within a victim's browser. | ||||
CVE-2014-4748 | 1 Ibm | 1 Sametime | 2024-08-06 | N/A |
Cross-site scripting (XSS) vulnerability in the Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
CVE-2014-3867 | 1 Ibm | 1 Sametime | 2024-08-06 | N/A |
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, a different vulnerability than CVE-2013-3984. | ||||
CVE-2014-3014 | 1 Ibm | 1 Sametime | 2024-08-06 | N/A |
Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||
CVE-2014-0906 | 1 Ibm | 1 Sametime | 2024-08-06 | N/A |
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not check whether a session cookie is current, which allows remote attackers to conduct user-search actions by leveraging possession of a (1) expired or (2) invalidated cookie. | ||||
CVE-2014-0890 | 1 Ibm | 1 Sametime | 2024-08-06 | N/A |
The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony.*.level setting is used, logs cleartext passwords during Audio/Video chat sessions, which allows local users to obtain sensitive information by reading a log file. |