Security Vulnerability Technote available for Sametime
Category None
A new security vulnerability technote has been published for Lotus Sametime which documents a potential vulnerability that impacts the Lotus Sametime Client. This vulnerability could result in either a denial of service (client crash) or remote execution of code on the client. The technote "Potential Cross Site Scripting (XSS) vulnerability in IBM Lotus Sametime Client " (# 1292938) can be found at: http://www.ibm.com/support/docview.wss?rs=463&uid=swg21292938
A new security vulnerability technote has been published for Lotus Sametime which documents a potential vulnerability that impacts the Lotus Sametime Client. This vulnerability could result in either a denial of service (client crash) or remote execution of code on the client. The technote "Potential Cross Site Scripting (XSS) vulnerability in IBM Lotus Sametime Client " (# 1292938) can be found at: http://www.ibm.com/support/docview.wss?rs=463&uid=swg21292938
This is similar to some security issues I found in the Sametime Client during the beta before 7.5.0 shipped, I'm glad to say IBM fixed those issues pretty quickly when I reported them, so they never existed in the Gold version when it shipped.