Sign in
CVE-2009-5033
CVE-2009-5033
Description
IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a "* *" argument sequence for a certain tell command, which allows remote authenticated users to obtain access to other users' data via a sync operation, related to storage of the data of multiple users within the same thread.
Impact
CVSS v2 : 4 MEDIUM
Type
CWE-200
Attack Vector
CVSSv2 Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N
Quick links
CVE
,
NVD
,
CERT
,
Metasploit
,
Exploit-db
,
Fulldisc
,
Bugtraq
,
Microsoft
,
Red Hat
,
Debian
, GitHub
code
/
issues
,
Google
References
http://www-01.ibm.com/support/docview.wss?uid=swg24019529&aid=1
http://www-1.ibm.com/support/docview.wss?uid=swg1LO41040
http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8525778B005D4466&action=openDocument
https://exchange.xforce.ibmcloud.com/vulnerabilities/64742
FAQ
Terms of service
Privacy policy
