The Connect client in IBM Sametime 8.5.2 up to and including 8.5.2.1 and 9.0 before HF1 does not properly restrict unsigned Java plugins, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm sametime 8.5.2.0 |
||
ibm sametime 8.5.2.1 |
||
ibm sametime 9.0.0.0 |