IBM Security Bulletin: IBM Security Access Manager for Web is affected by vulnerabilities in nss, nss-util, and nspr (CVE-2016-1978, CVE-2016-1979)

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the NSS libraries. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. IBM Security Access Manager for Web uses NSS and is affected by two use-after-free flaws that have been identified in the NSS libraries.

CVE(s): CVE-2016-1978, CVE-2016-1979

Affected product(s) and affected version(s):

IBM Security Access Manager for Web 7.0 appliances

IBM Security Access Manager for Web 8.0, all firmware versions

IBM Security Access Manager 9.0, all firmware versions

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/29OEygp
X-Force Database: http://ift.tt/1TuzxZZ
X-Force Database: http://ift.tt/20vxDHr



from IBM Product Security Incident Response Team http://ift.tt/29OI7Ps