CVE-2014-3867
The CVE-2014-3867 entry concerns IBM Sametime Meeting Server versions 8.x up to 8.5.2.1 and 9.x up to 9.0.0.1 that do not set the HTTPOnly flag for an unspecified cookie in an HTTPS session. This omission can allow remote attackers to access potentially sensitive data via script access to the coo...