Lotus Notes Traveler Security Vulnerabilities and Issues — Lotus Notes Traveler CVE List

Lucene search

IbmLotus Notes Traveler

10 matches found

CVE•added 2010/12/16 8:0 p.m.•41 views

CVE-2010-4545

IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (resource consumption and sync outage) by syncing a large volume of data.

4CVSS6.3AI score0.00406EPSS

CVE•added 2010/12/16 8:0 p.m.•39 views

CVE-2009-5035

The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote attackers to read communications intended for other recipients by examining appended messages.

4.3CVSS6.6AI score0.00225EPSS

CVE•added 2010/12/16 8:0 p.m.•39 views

CVE-2009-5036

traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows remote authenticated users to cause a denial of service (daemon crash) via a malformed invitation document in a sync operation.

4CVSS6.2AI score0.00405EPSS

CVE•added 2010/12/16 8:0 p.m.•38 views

CVE-2010-4544

Cross-site scripting (XSS) vulnerability in the servlet in IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.7AI score0.00256EPSS

CVE•added 2010/12/16 8:0 p.m.•38 views

CVE-2010-4551

IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by omitting the Internet ID field in the person document, and then using an Apple device to (1) accept or (2) decline an invitation.

4CVSS5.9AI score0.00406EPSS

CVE•added 2012/10/08 10:47 a.m.•38 views

CVE-2012-4825

Multiple cross-site scripting (XSS) vulnerabilities in servlet/traveler/ILNT.mobileconfig in IBM Lotus Notes Traveler before 8.5.3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) userId or (2) address parameter in a getClientConfigFile action.

4.3CVSS5.6AI score0.00236EPSS

CVE•added 2010/12/16 8:0 p.m.•37 views

CVE-2010-4549

IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device successfully performs a Replace Data operation for a prohibited application, which allows remote authenticated users to bypass intended access restrictions via this operation.

4CVSS6.2AI score0.00137EPSS

CVE•added 2010/12/16 8:0 p.m.•36 views

CVE-2009-5034

IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated users to cause a denial of service (memory consumption and daemon crash) by syncing a large volume of data, related to the launch of a new process to handle the data while the previous process is still operating on the data.

4CVSS6.3AI score0.00457EPSS

CVE•added 2010/12/16 8:0 p.m.•35 views

CVE-2010-4546

IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment download request for an e-mail message with a Prevent Copy attribute, which allows remote authenticated users to bypass intended access restrictions via this request.

4CVSS6.3AI score0.00137EPSS

CVE•added 2010/12/16 8:0 p.m.•32 views

CVE-2009-5033

IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a "* *" argument sequence for a certain tell command, which allows remote authenticated users to obtain access to other users' data via a sync operation, related to storage of the data of multiple users within the same thread.

4CVSS6.2AI score0.00202EPSS