Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm sametime 9.0.0.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-6742
The Meeting Server in IBM Sametime 8.5.2 up to and including 8.5.2.1 and 9.x up to and including 9.0.0.1 do not have an off autocomplete attribute for a password field, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.5.2.1
Ibm Sametime 9.0.0.1
Ibm Sametime 8.5.2.0
7.5
CVSSv2
CVE-2013-3983
The Meeting Server in IBM Sametime 8.5.2 up to and including 8.5.2.1 and 9.x up to and including 9.0.0.1 does not validate URLs in Cookie headers before using them in redirects, which has unspecified impact and remote attack vectors.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.5.2.1
Ibm Sametime 9.0.0.1
Ibm Sametime 8.5.2.0
6.8
CVSSv2
CVE-2016-2980
The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. IBM X-Force ID: 113993.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.5.2.1
Ibm Sametime 9.0.0.1
Ibm Sametime 8.5.2.0
Ibm Sametime 9.0.1
6.8
CVSSv2
CVE-2014-3015
Cross-site request forgery (CSRF) vulnerability in the Web player in IBM Sametime Proxy Server and Web Client 9.0 up to and including 9.0.0.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Sametime Proxy Server And Web Client 9.0.0.1
Ibm Sametime Proxy Server And Web Client 9.0.0.0
6.8
CVSSv2
CVE-2013-3988
The Meeting Server in IBM Sametime 8.5.2 up to and including 8.5.2.1 and 9.x up to and including 9.0.0.1 allows remote malicious users to conduct clickjacking attacks via unspecified vectors.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.5.2.1
Ibm Sametime 9.0.0.1
Ibm Sametime 8.5.2.0
6
CVSSv2
CVE-2016-0354
IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user to upload a malicious file to a Sametime meeting room, that could be downloaded by unsuspecting users which could be executed with user privileges. IBM X-Force ID: 111893.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.5.2.1
Ibm Sametime 9.0.0.1
Ibm Sametime 8.5.2.0
Ibm Sametime 9.0.1
5
CVSSv2
CVE-2016-2964
IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. IBM X-Force ID: 113813.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.5.2.1
Ibm Sametime 9.0.0.1
Ibm Sametime 8.5.2.0
Ibm Sametime 9.0.1
5
CVSSv2
CVE-2016-2971
IBM Sametime Media Services 8.5.2 and 9.0 can disclose sensitive information in stack trace error logs that could aid an attacker in future attacks. IBM X-Force ID: 113898.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.5.2.1
Ibm Sametime 9.0.0.1
Ibm Sametime 8.5.2.0
Ibm Sametime 9.0.1
5
CVSSv2
CVE-2014-3867
The Meeting Server in IBM Sametime 8.x up to and including 8.5.2.1 and 9.x up to and including 9.0.0.1 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote malicious users to obtain potentially sensitive information...
Ibm Sametime 9.0.0.0
Ibm Sametime 8.0.1.1
Ibm Sametime 8.5.1.0
Ibm Sametime 8.5.2.1
Ibm Sametime 8.5.1.1
Ibm Sametime 8.5.0.0
Ibm Sametime 9.0.0.1
Ibm Sametime 8.0.1.0
Ibm Sametime 8.5.2.0
Ibm Sametime 8.0.2.0
Ibm Sametime 8.0.2.1
Ibm Sametime 8.0.0.0
5
CVSSv2
CVE-2013-3975
Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x up to and including 8.5.2.1 and 9.x up to and including 9.0.0.1 allows remote malicious users to discover user names, full names, and e-mail addresses via a search.
Ibm Sametime 9.0.0.0
Ibm Sametime 8.0.1.1
Ibm Sametime 8.5.1.0
Ibm Sametime 8.5.2.1
Ibm Sametime 8.5.1.1
Ibm Sametime 8.5.0.0
Ibm Sametime 9.0.0.1
Ibm Sametime 8.0.1.0
Ibm Sametime 8.5.2.0
Ibm Sametime 8.0.2.0
Ibm Sametime 8.0.2.1
Ibm Sametime 8.0.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2023-38506
CVE-2024-37198
CVE-2023-45197
CVE-2024-38621
CVE-2024-30103
elevation of privilege
CVE-2024-0044
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »