First published: Thu Dec 16 2010(Updated: )
The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple outgoing e-mail messages between sync operations, which might allow remote attackers to read communications intended for other recipients by examining appended messages.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Lotus Notes Intellisync | <=8.5.0.1 | |
IBM Lotus Notes Intellisync | =8.0 | |
IBM Lotus Notes Intellisync | =8.0.1 | |
IBM Lotus Notes Intellisync | =8.0.1.2 | |
IBM Lotus Notes Intellisync | =8.0.1.3 | |
IBM Lotus Notes Intellisync | =8.5.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2009-5035 has a medium severity level due to potential unauthorized access to sensitive email communications.
To fix CVE-2009-5035, upgrade to IBM Lotus Notes Traveler version 8.5.0.2 or later.
CVE-2009-5035 affects IBM Lotus Notes Traveler versions before 8.5.0.2 as well as specific versions like 8.0 and 8.5.0.0.
CVE-2009-5035 is a communication interception vulnerability that allows unauthorized access to email messages.
Organizations using affected versions of IBM Lotus Notes Traveler for email communication are at risk for CVE-2009-5035.