Release date:
Updated on:
Affected Systems:
IBM Platform Symphony 6.1.0
IBM Platform Symphony 5.2
Description:
--------------------------------------------------------------------------------
Bugtraq id: 65065
CVE (CAN) ID: CVE-2013-6305
IBM Lotus Symphony is a free office software released by IBM.
IBM Platform Symphony 5.2 and 6.1.0.1 use the same credential encryption key in different user installations, which allows independent attackers to obtain sensitive information.
<* Source: vendor
Link: http://xforce.iss.net/xforce/xfdb/88536
Http://www-01.ibm.com/support/docview.wss? Uid = isg3T1020528
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
IBM
---
For this reason, IBM has released a Security Bulletin (isg3T1020528) and corresponding patches:
Isg3T1020528: http://www-01.ibm.com/support/docview.wss? Uid = isg3T1020528
Link: http://www-01.ibm.com/support/docview.wss? Uid = isg3T1020528