IBM Lotus Sametime Connect Client Mouseover XSS

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.

Synopsis :

The remote Windows host has a chat client installed that is affected by
a cross-site scripting vulnerability.

Description :

The version of IBM Lotus Sametime Connect installed on the remote
Windows host is 7.5 or 7.5.1. Such versions are potentially affected by
a cross-site scripting vulnerability. By tricking a user into moving
the mouse cursor over specially crafted content, an attacker could
execute arbitrary script code on the remote host subject to the
privileges of the user running the affected application.

See also :

Solution :

Upgrade to Lotus Sametime Connect Client 7.5.1 CF1 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.7
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 70072 ()

Bugtraq ID: 27316

CVE ID: CVE-2008-0354

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now