Design/Logic Flaw

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services HTTP-AS is enabled, does not properly process TCP connection requests, which allows remote attackers to cause a denial of service memory consumption and HTTP-AS hang by making many connection requests that...

CVE-2010-4595

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services HTTP-AS, which allows remote attackers to bypass intended access restrictions via an HTTP request that contains a disallowed User-Agent header...

CVE-2010-4591

The CVE-2010-4591 entry concerns IBM Lotus Mobile Connect (LMC)

CVE-2010-4594

The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services HTTP-AS is enabled, does not properly process TCP connection requests, which allows remote attackers to cause a denial of service memory consumption and HTTP-AS hang by making many connection requests that...

CVE-2010-4594

CVE-2010-4594 affects IBM Lotus Mobile Connect (Connection Manager) before 6.1.4 when HTTP Access Services is enabled. The vulnerability arises from improper handling of TCP connection requests, allowing remote attackers to trigger queue size delta errors that cause memory consumption and an HTTP...

CVE-2010-4590

CVE-2010-4590 describes a Cross-site scripting (XSS) vulnerability in the HTTP Access Services (HTTP-AS) component of IBM Lotus Mobile Connect (LMC) prior to version 6.1.4. The flaw affects the Connection Manager and allows remote attackers to inject arbitrary web script or HTML via unspecified v...