CVE-2009-5034 — IBM Lotus Notes Traveler vulnerability

CWE-3993 documents3 sources

Severity

4.0MEDIUMNVD

EPSS

0.5%

top 36.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Lotus Notes Traveler

Timeline

PublishedDec 16

Latest updateMay 2

Description

IBM Lotus Notes Traveler before 8.5.0.2 allows remote authenticated users to cause a denial of service (memory consumption and daemon crash) by syncing a large volume of data, related to the launch of a new process to handle the data while the previous process is still operating on the data.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/lotus_notes_traveler8.5.0.1+5

🔴Vulnerability Details

GHSA

GHSA-x8vf-gpmh-vv2c: IBM Lotus Notes Traveler before 8↗2022-05-02

▶

CVEList

CVE-2009-5034: IBM Lotus Notes Traveler before 8↗2010-12-16

▶