CVE-2009-2435
The CVE-2009-2435 entry corresponds to IBM Lotus Sametime/Instant Messaging and Web Conferencing 6.5.1. The vulnerability arises from login error handling that produces different time delays depending on whether the target username exists, enabling remote attackers to enumerate valid usernames. I...