Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2499

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-2499
Last Modified 07 Mar 2011 10:09:17
Published 29 May 2008 12:32:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2499

Summary

Stack-based buffer overflow in the Community Services Multiplexer (aka MUX or StMux.exe) in IBM Lotus Sametime 7.5.1 CF1 and earlier, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code via a crafted URL.

Vulnerable Systems

Application

  • Ibm Lotus Sametime 6.5.1 Fp1

  • Ibm Lotus Sametime 7.0

  • Ibm Lotus Sametime 7.5.1 Cf1

  • Ibm Lotus Sametime 8.0


References

XF - sametime-stmux-bo(42575)

MISC - http://www.zerodayinitiative.com/advisories/ZDI-08-028/

VUPEN - ADV-2008-1595

SECTRACK - 1020093

BID - 29328

CONFIRM - http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21303920

SECUNIA - 30309


Last Updated: 27 May 2016 10:47:53