Vulnerabilities > IBM > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-12-16 | CVE-2010-4552 | Resource Management Errors vulnerability in IBM Lotus Notes Traveler Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows remote attackers to cause a denial of service (memory consumption and daemon outage) by sending many embedded objects in e-mail messages for iPhone clients. | 5.0 |
2010-12-16 | CVE-2010-4551 | Unspecified vulnerability in IBM Lotus Notes Traveler IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by omitting the Internet ID field in the person document, and then using an Apple device to (1) accept or (2) decline an invitation. | 4.0 |
2010-12-16 | CVE-2010-4550 | Improper Input Validation vulnerability in IBM Lotus Notes Traveler IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to cause a denial of service (sync failure) via a malformed document. | 5.0 |
2010-12-16 | CVE-2010-4549 | Permissions, Privileges, and Access Controls vulnerability in IBM Lotus Notes Traveler IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device successfully performs a Replace Data operation for a prohibited application, which allows remote authenticated users to bypass intended access restrictions via this operation. | 4.0 |
2010-12-16 | CVE-2010-4546 | Permissions, Privileges, and Access Controls vulnerability in IBM Lotus Notes Traveler IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment download request for an e-mail message with a Prevent Copy attribute, which allows remote authenticated users to bypass intended access restrictions via this request. | 4.0 |
2010-12-16 | CVE-2010-4545 | Resource Management Errors vulnerability in IBM Lotus Notes Traveler IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (resource consumption and sync outage) by syncing a large volume of data. | 4.0 |
2010-12-16 | CVE-2010-4544 | Cross-Site Scripting vulnerability in IBM Lotus Notes Traveler Cross-site scripting (XSS) vulnerability in the servlet in IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2010-12-16 | CVE-2009-5036 | Denial-Of-Service vulnerability in Lotus Notes Traveler traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows remote authenticated users to cause a denial of service (daemon crash) via a malformed invitation document in a sync operation. | 4.0 |
2010-12-16 | CVE-2009-5035 | Information Exposure vulnerability in IBM Lotus Notes Traveler The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote attackers to read communications intended for other recipients by examining appended messages. | 4.3 |
2010-12-16 | CVE-2009-5034 | Resource Management Errors vulnerability in IBM Lotus Notes Traveler IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated users to cause a denial of service (memory consumption and daemon crash) by syncing a large volume of data, related to the launch of a new process to handle the data while the previous process is still operating on the data. | 4.0 |