4 matches found
Domino Sametime 8.0.1 Cross Site Scripting
Class Input Validation Error CVE CVE-2011-1038 Remote Yes Local No Published Feb 16 2011 09:33AM Credit Dave Daly Vulnerable Domino Sametime 8.0.1 Domino Sametime is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverag...
Domino Sametime Multiple Reflected Cross-Site Scripting
Class Input Validation Error CVE CVE-2011-1038 Remote Yes Local No Published Feb 16 2011 09:33AM Credit Dave Daly Vulnerable Domino Sametime 8.0.1 Domino Sametime is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverag...
Re: Domino Sametime Multiple Reflected Cross-Site Scripting
Hi, I discovered similar XSS affecting Domino Sametime some time ago... This XSS affects other scripts also... i.e. stcenter.nsf Here's an example: /stcenter.nsf?OpenDatabase&authReasonCode="scriptalertdocument.cookie;/script" Cheers Andrew...
IBM Lotus Domino Sametime STMux.exe Stack Buffer Overflow
This module exploits a stack buffer overflow in Lotus Domino's Sametime Server. By sending an overly long POST request to the Multiplexer STMux.exe service we are able to overwrite SEH. Based on the exploit by Manuel Santamarina Suarez. This module requires Metasploit:...