Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ibm Subscribe
Filtered by product Sametime Meeting Server
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-3088 1 Ibm 1 Sametime Meeting Server 2017-01-06 5.5 MEDIUM N/A
stconf.nsf in IBM Sametime Meeting Server 8.5.1 relies on the client to validate the file format used in wAttach?OpenForm multipart/form-data POST requests, which allows remote authenticated users to bypass intended upload restrictions by modifying the Content-Type header and file extension, as demonstrated by replacing a text/plain .txt upload with an application/octet-stream .exe upload.