Three cURL/libcurl vulknerabilities have been identified as applicable to the BigFix Platform which could allow and out of bounds write, bypass access restrictions or execute arbitrary code.
CVE(s): CVE-2016-8617, CVE-2016-8624, CVE-2016-8621
Affected product(s) and affected version(s):
BigFix Platform 9.0
BigFix Platform 9.1
BigFix Platform 9.2
BigFix Platform 9.5
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2q7kb4S
X-Force Database: http://ift.tt/2qROsCc
X-Force Database: http://ift.tt/2nvOe1t
X-Force Database: http://ift.tt/2ps7LTj
The post IBM Security Bulletin: Open Source cURL Libcurl, used by BigFix Platform, has security vulnerabilities (CVE-2016-8617 CVE-2016-8624 CVE-2016-8621) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2q7xiDd
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.