Ibm: >> Lotus Notes Traveler Security Vulnerabilities
IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain environment is used, does not properly apply policy documents to mobile users from a different Domino domain than the Traveler server, which allows remote authenticated users to bypass intended access restrictions by using credentials from a different domain.
CVSS Score
3.5
EPSS Score
0.001
Published
2010-12-16
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (daemon crash) by accepting a meeting invitation with an iNotes client and then accepting this meeting invitation with an iPhone client.
CVSS Score
2.1
EPSS Score
0.004
Published
2010-12-16
IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device successfully performs a Replace Data operation for a prohibited application, which allows remote authenticated users to bypass intended access restrictions via this operation.
CVSS Score
4.0
EPSS Score
0.001
Published
2010-12-16
IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to cause a denial of service (sync failure) via a malformed document.
CVSS Score
5.0
EPSS Score
0.006
Published
2010-12-16
The encrypted e-mail feature in IBM Lotus Notes Traveler before 8.5.0.2 sends unencrypted messages when the feature is used without uploading a Notes ID file, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
CVSS Score
5.8
EPSS Score
0.003
Published
2010-12-16
Page 3