IBM Cloud Manager with Openstack is vulnerable to a Apache Xerces-C XML Parser library vulnerablities. Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by a stack-based buffer overflow when parsing a deeply nested DTD. A remote attacker could exploit this vulnerability to cause a denial of service.
CVE(s): CVE-2016-4463
Affected product(s) and affected version(s):
IBM Cloud Manager with OpenStack 4.3.0 through 4.3.0.6
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2if9yF6
X-Force Database: http://ift.tt/2b5BVXc
from IBM Product Security Incident Response Team http://ift.tt/2if2nwH
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.