An IBM Form (XFDL document) that contains a specially crafted mark-up could crash IBM Forms Viewer. This may expose a vulnerability in its use of the Apache Xerces-C XML Parser library.
CVE(s): CVE-2016-0729
Affected product(s) and affected version(s):
IBM Forms Viewer 8.0.1
IBM Forms Viewer 8.1
IBM Forms Viewer 8.2
IBM Forms Viewer 8.2.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2c9VRXS
X-Force Database: http://ift.tt/297OoIU
from IBM Product Security Incident Response Team http://ift.tt/2c9VLjg
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.