Vulnerabilities > CVE-2010-4551 - Unspecified vulnerability in IBM Lotus Notes Traveler

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

ibm

NVD

Published: 2010-12-16

Updated: 2010-12-17

Summary

IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by omitting the Internet ID field in the person document, and then using an Apple device to (1) accept or (2) decline an invitation. Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Lotus Notes Traveler 8.0 IBM Lotus Notes Traveler 8.0.1 IBM Lotus Notes Traveler 8.0.1.2 IBM Lotus Notes Traveler 8.0.1.3 IBM Lotus Notes Traveler 8.5.0.0 IBM Lotus Notes Traveler 8.5.0.1 IBM Lotus Notes Traveler 8.5.0.2 IBM Lotus Notes Traveler 8.5.1.1	8

Summary

Vulnerable Configurations

References