Attachment Download Bypass in IBM Lotus Notes Traveler

Attachment Download Bypass in IBM Lotus Notes Traveler

CVE-2010-4546 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment download request for an e-mail message with a Prevent Copy attribute, which allows remote authenticated users to bypass intended access restrictions via this request.

Learn more about our User Device Pen Test.