SymmetricalDataSecurity: IBM Security Bulletin: IBM Cognos Disclosure Management could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document (CVE-2016-6077)

Friday, October 21, 2016

IBM Security Bulletin: IBM Cognos Disclosure Management could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document (CVE-2016-6077)

A specific usage scenario of IBM Cognos Disclosure Management could allow an Excel Macro execution on the client machine.

CVE(s): CVE-2016-6077

Affected product(s) and affected version(s):

Cognos Disclosure Management 10.2.0 – 10.2.6

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2enSuhK
X-Force Database: http://ift.tt/2dUF6hH

from IBM Product Security Incident Response Team http://ift.tt/2enXrXN

SymmetricalDataSecurity

Friday, October 21, 2016

IBM Security Bulletin: IBM Cognos Disclosure Management could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document (CVE-2016-6077)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews