CVE-2009-5032

Name of the Vulnerable Software and Affected Versions IBM Lotus Notes Traveler versions prior to 8.5.0.2

Description The encrypted e-mail feature in IBM Lotus Notes Traveler has an issue where it sends unencrypted messages when used without uploading a Notes ID file. This makes it easier for remote attackers to obtain sensitive information by sniffing the network.

Recommendations For versions prior to 8.5.0.2, update to version 8.5.0.2 or later to resolve the issue. As a temporary workaround, consider uploading a Notes ID file when using the encrypted e-mail feature to ensure messages are sent encrypted.