Vulnerability Description
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by omitting the Internet ID field in the person document, and then using an Apple device to (1) accept or (2) decline an invitation.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Lotus Notes Traveler | <= 8.5.1.1 |
References
- http://www-1.ibm.com/support/docview.wss?uid=swg1LO49829Vendor Advisory
- http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_851_FP3_Relea
- http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8
- http://www-1.ibm.com/support/docview.wss?uid=swg1LO49829Vendor Advisory
- http://www-10.lotus.com/ldd/dominowiki.nsf/dx/Lotus_Notes_Traveler_851_FP3_Relea
- http://www-10.lotus.com/ldd/dominowiki.nsf/page.xsp?documentId=A6604E906E0DF2DF8
FAQ
What is CVE-2010-4551?
CVE-2010-4551 is a vulnerability with a CVSS score of 4.0 (MEDIUM). IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by omitting the Internet ID field in the person docum...
How severe is CVE-2010-4551?
CVE-2010-4551 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-4551?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Lotus Notes Traveler.