Information Disclosure Vulnerability in IBM Sametime Client
CVE-2013-0534

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Sametime; Sametime
Vendor: CVE Published:; 21 June 2013

Summary

The Connect client in IBM Sametime versions 8.5.1 through 8.5.2.1 may allow local users to access sensitive information due to the persistence of cleartext password strings stored in the process memory. This vulnerability can be exploited to retrieve passwords, posing a potential risk to user data and overall system security.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21635218

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/82656

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jun 21, 2013
Vulnerability Reserved
Dec 16, 2012