Libxml2 is vulnerable to a denial of service, caused by an out-of-bounds memory access when parsing an unclosed HTML comment. By not closing out an HTML comment, a remote attacker could exploit this vulnerability to trigger an out-of-bounds read and cause the system to crash.
CVE(s): CVE-2015-8710
Affected product(s) and affected version(s):
IBM BigFix Security Compliance Analytics 1.7
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2bQ1uZm
X-Force Database: http://ift.tt/25jNNH3
from IBM Product Security Incident Response Team http://ift.tt/2bQ2AEf
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.