Vulnerabilities > IBM > Sametime > 8.5.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-08 | CVE-2012-3331 | Information Exposure vulnerability in IBM Sametime IBM Sametime allows remote attackers to obtain sensitive information from the Sametime Log database via a direct request to STLOG.NSF. | 5.0 |
| 2017-08-29 | CVE-2016-2980 | Injection vulnerability in IBM Sametime The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site can inject their own script by exploiting a vulnerability in the way that the WebPlayer works. | 6.8 |
| 2017-08-29 | CVE-2016-2978 | Information Exposure vulnerability in IBM Sametime IBM Sametime 8.5.2 and 9.0 could store potentially sensitive information from the browser cache locally that could be available to a local user. | 2.1 |
| 2017-08-29 | CVE-2016-2976 | Information Exposure vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 could allow a meeting invitee to obtain previously cleared sensitive information by viewing the meeting report history. | 4.0 |
| 2017-08-29 | CVE-2016-2975 | Cross-site Scripting vulnerability in IBM Sametime IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-08-29 | CVE-2016-2974 | Information Exposure vulnerability in IBM Sametime IBM Sametime Connect 8.5.2 and 9.0, after uninstalling the Sametime Rich Client, could disclose potentially sensitive information related to the Sametime environment as well as other users on the local machine of the user. | 2.1 |
| 2017-08-29 | CVE-2016-2967 | Cross-site Scripting vulnerability in IBM Sametime IBM Sametime 8.5.2 and 9.0 is vulnerable to cross-site scripting. | 3.5 |
| 2017-08-29 | CVE-2016-2966 | Information Exposure vulnerability in IBM Sametime IBM Sametime 8.5.1 and 9.0 could allow an authenticated user to enumerate meeting rooms by guessing the meeting room id. | 4.0 |
| 2017-08-29 | CVE-2016-2964 | Information Exposure vulnerability in IBM Sametime IBM Sametime 8.5.2 and 9.0 under certain conditions provides an error message to a user that is too detailed and may reveal details about the application. | 5.0 |
| 2017-08-29 | CVE-2016-0358 | Information Exposure vulnerability in IBM Sametime IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated user to enumerate group chat ID numbers and join meetings that he was not invited to. | 4.0 |