IBM Lotus Sametime Server 8.0 - 'stcenter.nsf' Cross-Site Scripting

source: https://www.securityfocus.com/bid/46481/info IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user...

IBM Lotus Domino Sametime crossite scripting

stconf.nsf crossite scripting...

Re: Domino Sametime Multiple Reflected Cross-Site Scripting

Hi, I discovered similar XSS affecting Domino Sametime some time ago... This XSS affects other scripts also... i.e. stcenter.nsf Here's an example: /stcenter.nsf?OpenDatabase&authReasonCode="scriptalertdocument.cookie;/script" Cheers Andrew...

Domino Sametime Multiple Reflected Cross-Site Scripting

Class Input Validation Error CVE CVE-2011-1038 Remote Yes Local No Published Feb 16 2011 09:33AM Credit Dave Daly Vulnerable Domino Sametime 8.0.1 Domino Sametime is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverag...

IBM Lotus Sametime Server 'stconf.nsf' Cross Site Scripting Vulnerability

IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

IBM Lotus Sametime - stconf.nsfWebMessage?messageString Cross-Site Scripting

IBM Lotus Sametime - stconf.nsfWebMessage?messageString Cross-Site Scripting source: https://www.securityfocus.com/bid/46471/info IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this...

IBM Lotus Sametime - stconf.nsf Cross-Site Scripting

IBM Lotus Sametime - stconf.nsf Cross-Site Scripting source: https://www.securityfocus.com/bid/46471/info IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitra...

IBM Lotus Sametime - '/stconf.nsf/WebMessage?messageString' Cross-Site Scripting

source: https://www.securityfocus.com/bid/46471/info IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user...

IBM Lotus Sametime - stconf.nsf Cross-Site Scripting

source: https://www.securityfocus.com/bid/46471/info IBM Lotus Sametime Server is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user...

CVE-2010-3398

Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 before CF1 has unknown impact and attack vectors, aka SPRs LXUU87S57H and LXUU87S93W...

Code injection

Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 before CF1 has unknown impact and attack vectors, aka SPRs LXUU87S57H and LXUU87S93W...

CVE-2010-3398

CVE-2010-3398 affects IBM Lotus Sametime Connect 8.5.1 before CF1, via an unspecified vulnerability in the webcontainer implementation (SPR LXUU87S57H and LXUU87S93W). The connected documents do not disclose impact, attack vectors, exploitation details, or a remediation. Information aligns on the...

CVE-2010-3398

Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 before CF1 has unknown impact and attack vectors, aka SPRs LXUU87S57H and LXUU87S93W...

[SECURITY] Fedora 13 Update: pidgin-2.7.2-1.fc13

Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...

[SECURITY] Fedora 13 Update: pidgin-2.7.0-2.fc13

Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...

[SECURITY] Fedora 11 Update: pidgin-2.7.0-2.fc11

Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...

Mandriva Linux Security Advisory : pidgin (MDVSA-2009:321)

Security vulnerabilities has been identified and fixed in pidgin : The NSS plugin in libpurple in Pidgin 2.4.1 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service. CVE-2008-3532 Pidgin 2.4....

IBM Lotus Domino Sametime STMux.exe Stack Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'IBM Lotus...

IBM Lotus Sametime Server Multiplexer Stack Buffer Overflow (CVE-2008-2499)

IBM Lotus Sametime is an enterprise instant messaging and web conferencing application created by the Lotus Software division of IBM. Lotus Sametime provides enterprise instant messaging functionality, presence information, and web conferencing using standard protocols. The Lotus Sametime server...

[SECURITY] Fedora 11 Update: pidgin-2.6.3-2.fc11

Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...