Aug 12, 2020 8:00 pm EDT
Categorized: High Severity
Share this post:
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object’s initialization is mishandled. Or the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
Affected product(s) and affected version(s):
| Affected Product(s) | Version(s) |
| IBM Tivoli Composite Application Manager for Transactions (Response Time) | 7.4.0.2 |
| IBM Tivoli Composite Application Manager for Transactions (Response Time) | 7.4.0.1 |
| IBM Cloud Application Performance Management – Response Time Monitoring Agent | 8.1.4 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/6258179
from IBM Product Security Incident Response Team https://ift.tt/30NVhYW
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.