Vulnerabilities > CVE-2007-4142 - Cross-Site Scripting vulnerability in IBM Lotus Sametime Server

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

ibm

NVD

Published: 2007-08-03

Updated: 2017-07-29

Summary

Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 before 20070731 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a crafted Sametime meeting.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Lotus Sametime - IBM Lotus Sametime 1.5 IBM Lotus Sametime 2.5 IBM Lotus Sametime 7.0 IBM Lotus Sametime 7.5	5

References

http://osvdb.org/36462
http://secunia.com/advisories/26302
http://www.securityfocus.com/bid/25167
http://www.securitytracker.com/id?1018502
http://www.vupen.com/english/advisories/2007/2734
http://www-1.ibm.com/support/docview.wss?uid=swg21266789
https://exchange.xforce.ibmcloud.com/vulnerabilities/35731