Total
25 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-5032 | 1 Ibm | 1 Lotus Notes Traveler | 2024-02-04 | 5.8 MEDIUM | N/A |
The encrypted e-mail feature in IBM Lotus Notes Traveler before 8.5.0.2 sends unencrypted messages when the feature is used without uploading a Notes ID file, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. | |||||
CVE-2009-5034 | 1 Ibm | 1 Lotus Notes Traveler | 2024-02-04 | 4.0 MEDIUM | N/A |
IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated users to cause a denial of service (memory consumption and daemon crash) by syncing a large volume of data, related to the launch of a new process to handle the data while the previous process is still operating on the data. | |||||
CVE-2010-4546 | 1 Ibm | 1 Lotus Notes Traveler | 2024-02-04 | 4.0 MEDIUM | N/A |
IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment download request for an e-mail message with a Prevent Copy attribute, which allows remote authenticated users to bypass intended access restrictions via this request. | |||||
CVE-2009-5035 | 1 Ibm | 1 Lotus Notes Traveler | 2024-02-04 | 4.3 MEDIUM | N/A |
The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote attackers to read communications intended for other recipients by examining appended messages. | |||||
CVE-2010-4547 | 1 Ibm | 1 Lotus Notes Traveler | 2024-02-04 | 3.5 LOW | N/A |
IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain environment is used, does not properly apply policy documents to mobile users from a different Domino domain than the Traveler server, which allows remote authenticated users to bypass intended access restrictions by using credentials from a different domain. |