Vulnerabilities > IBM > Lotus Notes Traveler
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-12-16 | CVE-2009-5036 | Denial-Of-Service vulnerability in Lotus Notes Traveler traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows remote authenticated users to cause a denial of service (daemon crash) via a malformed invitation document in a sync operation. | 4.0 |
2010-12-16 | CVE-2009-5035 | Information Exposure vulnerability in IBM Lotus Notes Traveler The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote attackers to read communications intended for other recipients by examining appended messages. | 4.3 |
2010-12-16 | CVE-2009-5034 | Resource Management Errors vulnerability in IBM Lotus Notes Traveler IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated users to cause a denial of service (memory consumption and daemon crash) by syncing a large volume of data, related to the launch of a new process to handle the data while the previous process is still operating on the data. | 4.0 |
2010-12-16 | CVE-2009-5033 | Information Exposure vulnerability in IBM Lotus Notes Traveler IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a "* *" argument sequence for a certain tell command, which allows remote authenticated users to obtain access to other users' data via a sync operation, related to storage of the data of multiple users within the same thread. | 4.0 |
2010-12-16 | CVE-2009-5032 | Cryptographic Issues vulnerability in IBM Lotus Notes Traveler The encrypted e-mail feature in IBM Lotus Notes Traveler before 8.5.0.2 sends unencrypted messages when the feature is used without uploading a Notes ID file, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. | 5.8 |