IBM Connections Docs uses libxml2 to do document conversion, libxml2 has vulberability issue that could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error.
CVE(s): CVE-2016-4658
Affected product(s) and affected version(s):
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2BNOsuI
X-Force Database: http://ift.tt/2qnEQND
The post IBM Security Bulletin: IBM Connections Docs is affected by a libxml2 vulnerability (CVE-2016-4658) appeared first on IBM PSIRT Blog.
Affected IBM Connections Docs |
Affected Versions |
IBM Connections Docs |
2.0.0 |
from IBM Product Security Incident Response Team http://ift.tt/2BQHbKI
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.