IBM Security Bulletin: IBM Forms Experience Builder could be susceptible to Apache POI Vulnerabilities

IBM Forms Experience Builder could be susceptible to allowing for a denial of service, cause by an error in Apache POI Libraries

CVE(s): CVE-2014-3574, CVE-2014-3529, CVE-2016-5000

Affected product(s) and affected version(s):

IBM Forms Experience Builder 8.5
IBM Forms Experience Builder 8.5.1
IBM Forms Experience Builder 8.6

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2k4Vhi3
X-Force Database: http://ift.tt/2cOGReI
X-Force Database: http://ift.tt/2cOIhpQ
X-Force Database: http://ift.tt/2dFewhf

from IBM Product Security Incident Response Team http://ift.tt/2k4XH06