CVE-2009-5032

CWE-3105 documents5 sources
Severity
5.8MEDIUM
EPSS
0.3%
top 48.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Lotus Notes Traveler
Timeline
PublishedDec 16
Latest updateMay 2

Description

The encrypted e-mail feature in IBM Lotus Notes Traveler before 8.5.0.2 sends unencrypted messages when the feature is used without uploading a Notes ID file, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-jgrf-h7j6-9hvg: The encrypted e-mail feature in IBM Lotus Notes Traveler before 82022-05-02
CVEList
CVE-2009-5032: The encrypted e-mail feature in IBM Lotus Notes Traveler before 82010-12-16

💥Exploits & PoCs

1
Exploit-DB
VideoLAN VLC Media Player < 0.9.6 - 'CUE' Local Buffer Overflow (PoC)2009-09-15

💬Community

1
Bugzilla
clamav: security fixes in upstream 0.95.1 (CVE-2009-1371, CVE-2009-1372)2009-04-09
CVE-2009-5032 (MEDIUM CVSS 5.8) | The encrypted e-mail feature in IBM | cvebase.io