IBM Lotus Notes Traveler prior to 8.5.0.2 does not properly handle a "* *" argument sequence for a certain tell command, which allows remote authenticated users to obtain access to other users' data via a sync operation, related to storage of the data of multiple users within the same thread.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm lotus notes traveler 8.0.1 |
||
ibm lotus notes traveler 8.0 |
||
ibm lotus notes traveler |
||
ibm lotus notes traveler 8.5.0.0 |
||
ibm lotus notes traveler 8.0.1.3 |
||
ibm lotus notes traveler 8.0.1.2 |