Security Bulletin: Vulnerability in Sametime Clients - Password can be found on the clear on client's memory (CVE-2013-0534)
Low risk vulnerability in Sametime clients. If someone gets access to the machine of the Sametime user, it is possible to scan the memory of the client and find the password of the user on the clear. Issue may be intermittent and be cleared sometime after login.
Affected product(s) and version(s):
Sametime Connect client (stand-alone)
Embedded Sametime in the Lotus Notes client
On: Linux. MAC OS/X, Windows
Versions: 8.5.1, 18.104.22.168, 22.214.171.124, 8.5.2, 126.96.36.199
Refer to the following reference URLs for remediation and additional vulnerability details.