SymmetricalDataSecurity: IBM Security Bulletin: FileNet Content Management Interoperability Services (CMIS), which is shipped with IBM Content navigator, is affected by the ability to execute remote attacker’s arbitrary code on a target machine vulnerability

Tuesday, December 19, 2017

IBM Security Bulletin: FileNet Content Management Interoperability Services (CMIS), which is shipped with IBM Content navigator, is affected by the ability to execute remote attacker’s arbitrary code on a target machine vulnerability

FileNet Content Management Interoperability Services (CMIS), which is shipped with IBM Content Navigator, has addressed the following vulnerability. Ability to execute remote attacker’s arbitrary code on a target machine by leveraging the untrusted data in DiskFileItem class of FileUpload library

CVE(s): CVE-2016-1000031

Affected product(s) and affected version(s):

IBM Content Navigator 2.0.3.8
IBM Content Navigator 3.0
IBM Content Navigator 3.0.1
IBM Content Navigator 3.0.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2D5S491
X-Force Database: http://ift.tt/2hLFPWm

The post IBM Security Bulletin: FileNet Content Management Interoperability Services (CMIS), which is shipped with IBM Content navigator, is affected by the ability to execute remote attacker’s arbitrary code on a target machine vulnerability appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2D5SbkX

SymmetricalDataSecurity

Tuesday, December 19, 2017

IBM Security Bulletin: FileNet Content Management Interoperability Services (CMIS), which is shipped with IBM Content navigator, is affected by the ability to execute remote attacker’s arbitrary code on a target machine vulnerability

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews