Vulnerabilities > IBM > Lotus Sametime
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-03-01 | CVE-2011-1106 | Cross-Site Scripting vulnerability in IBM Lotus Sametime 8.0/8.0.1 Cross-site scripting (XSS) vulnerability in stcenter.nsf in the server in IBM Lotus Sametime allows remote attackers to inject arbitrary web script or HTML via the authReasonCode parameter in an OpenDatabase action. | 4.3 |
2011-02-22 | CVE-2011-1038 | Cross-Site Scripting vulnerability in IBM Lotus Sametime 8.0.1 Multiple cross-site scripting (XSS) vulnerabilities in stconf.nsf in the server in IBM Lotus Sametime 8.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the messageString parameter in a WebMessage action or (2) the PATH_INFO. | 4.3 |
2010-09-15 | CVE-2010-3398 | Unspecified vulnerability in IBM Lotus Sametime Connect Web Container Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 before CF1 has unknown impact and attack vectors, aka SPRs LXUU87S57H and LXUU87S93W. | 10.0 |
2008-05-29 | CVE-2008-2499 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Lotus Sametime Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL. | 7.5 |
2008-01-18 | CVE-2008-0354 | Cross-Site Scripting vulnerability in IBM Lotus Sametime 7.5/7.5.1 Cross-site scripting (XSS) vulnerability in the chat client in IBM Lotus Sametime 7.5 and 7.5.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted message, which triggers code execution after a mouseover event initiated by the victim. | 4.3 |
2007-12-10 | CVE-2007-6295 | Cross-Site Scripting vulnerability in IBM Lotus Sametime Cross-site scripting (XSS) vulnerability in the WebRunMenuFrame page in the online meeting center template in IBM Lotus Sametime before 8.0 allows remote attackers to inject arbitrary web script or HTML via the URI. | 4.3 |
2007-08-03 | CVE-2007-4142 | Cross-Site Scripting vulnerability in IBM Lotus Sametime Server Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 before 20070731 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a crafted Sametime meeting. network ibm | 4.3 |
2007-03-31 | CVE-2007-1784 | Unspecified vulnerability in IBM Lotus Sametime The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function. | 9.3 |