Denial of Service Vulnerability in IBM Lotus Sametime WebPlayer Extension
CVE-2013-3986

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Sametime
Vendor: CVE Published:; 8 November 2013

What is CVE-2013-3986?

A vulnerability exists in IBM Lotus Sametime versions 8.5.2 and 8.5.2.1 that allows remote attackers to disrupt service by causing the WebPlayer Firefox extension to crash. This can be exploited through specially crafted Audio Visual (AV) sessions, leading to a denial of service condition.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21654041

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/84969

vdb-entryx_refsource_XF

EPSS Score

40% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 8, 2013
Vulnerability Reserved
Jun 7, 2013