Apr 26, 2018 9:00 am EDT
Categorized: Medium Severity
Share this post:
XStream is vulnerable to a denial of service, caused by the improper handling of attempts to create an instance of the primitive type ‘void’ during unmarshalling. A remote attacker could exploit this vulnerability to cause the application to crash.
CVE(s): CVE-2017-7957
Affected product(s) and affected version(s):
IBM Campaign 8.6, 9.0, 9.1, 9.1.1, 9.1.2, 10.0
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22015573
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/125800
from IBM Product Security Incident Response Team https://ift.tt/2HtUdBg
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.