Remote Command Injection in IBM Sametime Client by IBM
CVE-2013-0553

Currently unrated

Key Information:

Vendor: IBM
Status: Sametime; Lotus Sametime
Vendor: CVE Published:; 28 April 2013

Summary

The client implementation in IBM Sametime versions 8.5.1 and 8.5.2.1 has a vulnerability that enables remote authenticated users to execute commands on individual chat participants or all users in a chat room. This exploitation can occur through specially crafted Sametime Instant Messages, allowing malicious actors to send unauthorized command sequences, potentially leading to unauthorized actions within the chat environment.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82915

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21633618

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 28, 2013
Vulnerability Reserved
Dec 16, 2012