Ibm: >> Lotus Notes Traveler >> 8.5.1.1 Security Vulnerabilities
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (resource consumption and sync outage) by syncing a large volume of data.
CVSS Score
4.0
EPSS Score
0.004
Published
2010-12-16
IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment download request for an e-mail message with a Prevent Copy attribute, which allows remote authenticated users to bypass intended access restrictions via this request.
CVSS Score
4.0
EPSS Score
0.001
Published
2010-12-16
IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain environment is used, does not properly apply policy documents to mobile users from a different Domino domain than the Traveler server, which allows remote authenticated users to bypass intended access restrictions by using credentials from a different domain.
CVSS Score
3.5
EPSS Score
0.001
Published
2010-12-16
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (daemon crash) by accepting a meeting invitation with an iNotes client and then accepting this meeting invitation with an iPhone client.
CVSS Score
2.1
EPSS Score
0.004
Published
2010-12-16
IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device successfully performs a Replace Data operation for a prohibited application, which allows remote authenticated users to bypass intended access restrictions via this operation.
CVSS Score
4.0
EPSS Score
0.001
Published
2010-12-16
IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to cause a denial of service (sync failure) via a malformed document.
CVSS Score
5.0
EPSS Score
0.006
Published
2010-12-16
Page 2