Main Vulnerability Database Vulnerabilities #VU42042

Input validation error in Sametime - CVE-2013-3988

Published: February 14, 2014 / Updated: August 10, 2020

Vulnerability identifier: #VU42042

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2013-3988

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: IBM Corporation

Affected software:
Sametime

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

How to mitigate CVE-2013-3988

Install update from vendor's website.

Sources

http://www-01.ibm.com/support/docview.wss?uid=swg21662928
https://exchange.xforce.ibmcloud.com/vulnerabilities/84973

Input validation error in Sametime - CVE-2013-3988

Detailed vulnerability description

How to mitigate CVE-2013-3988

Sources

Please verify you're human