662 matches found
CVE-2011-1370
The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sametime 7.0 through 8.5.2 does not enable an authentication requirement, which allows remote attackers to read the configuration settings by examining a response message...
Default configuration
The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sametime 7.0 through 8.5.2 does not enable an authentication requirement, which allows remote attackers to read the configuration settings by examining a response message...
CVE-2011-1370
The vulnerability CVE-2011-1370 affects IBM Lotus Sametime Server, specifically the Sametime configuration servlet (SCS) in versions 7.0 through 8.5.2. The root cause is lack of authentication on the configuration servlet, enabling remote readers to access configuration settings via responses. Im...
CVE-2011-1370
The default configuration of the Sametime configuration servlet (SCS) in the server in IBM Lotus Sametime 7.0 through 8.5.2 does not enable an authentication requirement, which allows remote attackers to read the configuration settings by examining a response message...
[SECURITY] Fedora 15 Update: pidgin-2.7.11-1.fc15
Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...
[SECURITY] Fedora 14 Update: pidgin-2.7.11-1.fc14
Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...
IBM Lotus Sametime Server stconf.nsf messageString Parameter XSS
The version of Lotus Sametime on the remote host contains a cross-site scripting vulnerability because it fails to sanitize input to the 'messageString' parameter of the 'stconf.nsf' script before including it in a web page. An attacker can leverage this issue by enticing a user to follow a...
IBM Sametime Detection
IBM Sametime, a web conferencing, instant messaging, and scheduling application, is running on the remote web server. Note that IBM Sametime was formerly known as Lotus Sametime. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(52658); script_version("1.5");...
IBM Lotus Sametime Multiple Cross-Site Scripting Vulnerabilities
IBM Lotus Sametime Server is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
JVN#97334690: IBM Lotus vulnerable to denial-of-service (DoS)
IBM Lotus product line contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE). Impact: A remote attacker may cause a denial-of-service (DoS). Solution: Apply a patch. Apply the appropriate patch according to the information provided by the developer. Products...
CVE-2011-1106
Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action...
Cross site scripting
Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action...
CVE-2011-1106
The CVE-2011-1106 entry describes a cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server’s Lotus Sametime component, specifically related to stcenter.nsf. The underlying issue is that an attacker can supply a crafted authReasonCode parameter in an OpenDatabase action, enabling re...
CVE-2011-1106
Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action...
CVE-2011-1038
Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO...
CVE-2011-1038
The CVE corresponds to a cross-site scripting (XSS) vulnerability in IBM Lotus Sametime 8.0.1, affecting the server’s stconf.nsf handling. The issue arises because input to the messageString parameter of a WebMessage action and the PATH_INFO is not properly sanitized, enabling remote attackers to...
CVE-2011-1038
Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO...
IBM Lotus Sametime Server 8.0 - stcenter.nsf Cross-Site Scripting
IBM Lotus Sametime Server 8.0 - stcenter.nsf Cross-Site Scripting. Source: https://www.securityfocus.com/bid/46481/info. IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to...
Domino Sametime 8.0.1 Cross Site Scripting
Class: Input Validation Error; CVE: CVE-2011-1038; Remote: Yes; Local: No; Published: Feb 16 2011 09:33AM; Credit: Dave Daly; Vulnerable: Domino Sametime 8.0.1. Domino Sametime is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverag...