IBM Cloud Manager with Openstack is vulnerable to a Apache Xerces-C XML Parser library vulnerablities. Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error reporting. By sending specially crafted input documents, an attacker could exploit this vulnerability to cause the library to crash or possibly execute arbitrary code on the system.
CVE(s): CVE-2016-0729
Affected product(s) and affected version(s):
IBM Cloud Manager with OpenStack 4.3.0 through 4.3.0.6
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2iUSoxM
X-Force Database: http://ift.tt/297OoIU
from IBM Product Security Incident Response Team http://ift.tt/2iUJrVu
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.