Main Vulnerability Database Vulnerabilities #VU41626

#VU41626 Input validation error in Sametime - CVE-2013-3975

Published: May 26, 2014 / Updated: August 11, 2020

Vulnerability identifier: #VU41626

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/U:Green

CVE-ID: CVE-2013-3975

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: Public exploit is available

Vulnerable software:
Sametime

Software vendor:
IBM Corporation

Description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to discover user names, full names, and e-mail addresses via a search.

Remediation

Install update from vendor's website.

External links

http://www-01.ibm.com/support/docview.wss?uid=swg21671201
https://exchange.xforce.ibmcloud.com/vulnerabilities/84855

#VU41626 Input validation error in Sametime - CVE-2013-3975

Description

Remediation

External links

Please verify you're human