SWF files that are shipped with the IBM Cúram Social Program Management product are compiled with a vulnerable version of the Adobe Flex SDK.
CVE(s): CVE-2017-1106
Affected product(s) and affected version(s):
IBM Cúram Social Program Management 7.0.0.0 – 7.0.0.1
IBM Cúram Social Program Management 6.2.0.0 – 6.2.0.4
IBM Cúram Social Program Management 6.1.1.0 – 6.1.1.4
IBM Cúram Social Program Management 6.1.0.0 – 6.1.0.4
IBM Cúram Social Program Management 6.0.5.0 – 6.0.5.10
IBM Cúram Social Program Management 6.0.4.0 – 6.0.4.9
IBM Cúram Social Program Management 6.0.0.0 – 6.0.0 SP2
IBM Cúram Social Program Management 5.2.0.0 – 5.2.0 SP6
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2udTlWC
X-Force Database: http://ift.tt/2tg1egQ
The post IBM Security Bulletin: Security vulnerability in SWF files shipped with IBM Cúram Social Program Management (CVE-2017-1106) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2udUVYe
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.