Apr 19, 2018 9:01 am EDT
Categorized: High Severity
Share this post:
IBM API Connect has addressed the following vulnerability. Apache HTTP Server is vulnerable to a heap-based buffer overflow, caused by a race condition in the mod_status module when handling the scoreboard. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVE(s): CVE-2014-0226
Affected product(s) and affected version(s):
| Affected API Connect | Affected Versions |
| IBM API Connect | 5.0.0.0-5.0.6.5 |
| IBM API Connect | 5.0.7.0-5.0.7.2 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22015233
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/94678
from IBM Product Security Incident Response Team https://ift.tt/2JWNDAW
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.