IBM Security Bulletin: IBM Domino is affected by an XStream XML information disclosure (CVE-2016-3674)

IBM Domino includes a version of XStream which could allow a remote attacker to obtain sensitive information, caused by an error when processing XML external entities.

CVE(s): CVE-2016-3674

Affected product(s) and affected version(s):

Product | Version | Fix Download Link
IBM Domino | 901 FP6 Interim Fix 2 | http://ift.tt/2a9J1Z2
IBM Domino | 853 FP6 Interim Fix 14 | http://ift.tt/29Pdo3f

Customers who remain on the following releases may open a Service Request with IBM Support and reference SPR KLYHA8XLA2 for custom fixes.

  • IBM Domino 9.0.1 FP6 IF1 and earlier releases
  • IBM Domino 9.0 IF4 and earlier releases
  • IBM Domino 8.5.3 FP6 IF13 and earlier releases
  • IBM Domino 8.5 release

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/29hwJ0Y
X-Force Database: http://ift.tt/29PdtE9



from IBM Product Security Incident Response Team http://ift.tt/2a9HpyE