2 matches found
Design/Logic Flaw
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, a different...
CVE-2013-3984
Technical details for CVE-2013-3984 are not publicly provided in the connected documents. The materials reference related issues (e.g., CVE-2014-3867) but do not disclose affected components, versions, or remediation for this CVE. Monitor for updates.