libxml2 is vulnerable to a denial of service, caused by an error in the xmlStringGetNodeList() function when parsing xml files while in recover mode. An attacker could exploit this vulnerability to exhaust the stack and cause a segmentation fault.
CVE(s): CVE-2016-3627
Affected product(s) and affected version(s):
IBM Security Guardium Database Activity Monitor v 10.0, 10.0.1, 10.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2dvk6j3
X-Force Database: http://ift.tt/2b1F6Qx
from IBM Product Security Incident Response Team http://ift.tt/2dvkDBd
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.