IBM Security Bulletin: A vulnerability in Apache Xerces-C XML Parser library affects IBM Tivoli Composite Application Manager for Transactions (CVE-2016-4463)

Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by a stack-based buffer overflow when parsing a deeply nested DTD. A remote attacker could exploit this vulnerability to cause a denial of service.

CVE(s): CVE-2016-4463

Affected product(s) and affected version(s):

IBM Tivoli Composite Application Manager (ITCAM) for Transactions: Version 7.4 is affected

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2wgsxpb
X-Force Database: http://ift.tt/2b5BVXc
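
The bulletin attributes the overflow to parsing a deeply nested DTD. As an added illustration (not IBM's or the Xerces-C project's code), the following pre-parse guard measures nesting in a document before it is handed to an XML parser. It assumes "nesting" means nested parenthesized content-model groups in `<!ELEMENT>` declarations; the function names, the sample document and the limit are hypothetical.

```cpp
#include <algorithm>
#include <cstddef>
#include <iostream>
#include <string>

// Constructed sample: content model of <a> nests 3 groups; the comment nests 5.
const std::string kConstructedSample =
    "<?xml version=\"1.0\"?>\n"
    "<!DOCTYPE a [\n"
    "  <!-- (((((ignored))))) -->\n"
    "  <!ELEMENT a ((b, (c | d)*)?, e)>\n"
    "  <!ELEMENT b (#PCDATA)>\n"
    "]>\n<a><e/></a>\n";

// Deepest level of nested "( ... )" groups inside any <!ELEMENT ...> declaration.
// Iterative on purpose: the guard must not recurse on input-controlled depth.
// Text outside element declarations and inside comments is not counted.
std::size_t max_content_model_depth(const std::string& doc) {
    std::size_t depth = 0, deepest = 0, i = 0;
    bool in_element_decl = false;
    while (i < doc.size()) {
        if (!in_element_decl) {
            if (doc.compare(i, 4, "<!--") == 0) {            // skip a comment
                std::size_t end = doc.find("-->", i + 4);
                if (end == std::string::npos) break;         // unterminated
                i = end + 3;
            } else if (doc.compare(i, 9, "<!ELEMENT") == 0) {
                in_element_decl = true;
                depth = 0;
                i += 9;
            } else {
                ++i;
            }
            continue;
        }
        char c = doc[i++];
        if (c == '(') deepest = std::max(deepest, ++depth);
        else if (c == ')') { if (depth > 0) --depth; }
        else if (c == '>') in_element_decl = false;          // declaration ends
    }
    return deepest;
}

// `limit` is a hypothetical policy value chosen by the caller, not from the bulletin.
bool dtd_depth_within_limit(const std::string& doc, std::size_t limit) {
    return max_content_model_depth(doc) <= limit;
}

int main() { std::cout << max_content_model_depth(kConstructedSample) << "\n"; }
```

The guard sees only the text it is given, so an external DTD subset or nesting introduced through entity expansion is not measured. It complements the fix referenced in the source bulletin and does not replace it.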

from IBM Product Security Incident Response Team http://ift.tt/2wgsxWd