IBM Lotus Sametime Connect Client Information Disclosure

Medium Nessus Plugin ID 72619


The remote Windows host has a chat client that is affected by an information disclosure vulnerability.


The version of IBM Lotus Sametime Connect installed on the remote Windows host is potentially affected by an information disclosure vulnerability. A flaw in the application allows installation and execution of unsigned Java plugins, which may access confidential user information.


Apply the patch referenced in the advisory.

See Also

Plugin Details

Severity: Medium

ID: 72619

File Name: lotus_sametime_connect_swg21662725.nasl

Version: $Revision: 1.3 $

Type: local

Agent: windows

Family: Windows

Published: 2014/02/21

Modified: 2017/07/19

Dependencies: 70071

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:sametime

Required KB Items: SMB/IBM Lotus Sametime Client/Path, SMB/IBM Lotus Sametime Client/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2014/01/23

Vulnerability Publication Date: 2014/01/29

Reference Information

CVE: CVE-2013-6727

BID: 65266

OSVDB: 102658