IBM Security Bulletin: IBM Security Access Manager for Mobile is affected by a vulnerability in nss-util (CVE-2016-1950)
Network Security Services (NSS), which is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A heap-based buffer overflow vulnerability in the NSS libraries affects IBM Security Access Manager for Mobile.
CVE(s): CVE-2016-1950
Affected product(s) and affected version(s):
IBM Security Access Manager for Mobile 8.0, all firmware versions
IBM Security Access Manager 9.0, all firmware versions
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/1TJLnKC
X-Force Database: http://ift.tt/1WhPjWT
from IBM Product Security Incident Response Team http://ift.tt/1TJLS7r