The IBM Notes Traveler Companion application 1.0 and 1.1 prior to 201411010515 for Window Phone, as distributed in IBM Notes Traveler 9.0.1, does not properly restrict the number of executions of the automatic configuration option, which makes it easier for remote malicious users to capture credentials by conducting a phishing attack involving an encrypted e-mail message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm notes traveler companion 1.1 |
||
ibm notes traveler companion 1.0 |