SymmetricalDataSecurity: IBM Security Bulletin: zlib vulnerability may affect IBM® SDK, Java™ Technology Edition

Friday, June 30, 2017

IBM Security Bulletin: zlib vulnerability may affect IBM® SDK, Java™ Technology Edition

zlib is vulnerable to a denial of service, caused by an out-of-bounds pointer arithmetic in inftrees.c. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service.

CVE(s): CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843

Affected product(s) and affected version(s):

IBM SPSS Analytic Server 2.0.1.0
IBM SPSS Analytic Server 2.0.0.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2ttD4PW
X-Force Database: http://ift.tt/2lLwOQm
X-Force Database: http://ift.tt/2mlzP6B
X-Force Database: http://ift.tt/2lLuetu
X-Force Database: http://ift.tt/2mlCjlv

The post IBM Security Bulletin: zlib vulnerability may affect IBM® SDK, Java™ Technology Edition appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2ur6POz

SymmetricalDataSecurity

Friday, June 30, 2017

IBM Security Bulletin: zlib vulnerability may affect IBM® SDK, Java™ Technology Edition

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews