IBM Security Bulletin: IBM Notes is affected by Open Source XStream Vulnerabilities
The open source XStream library is vulnerable to a denial of service caused by improper handling of attempts to create an instance of the primitive type ‘void’ during unmarshalling. A remote attacker could exploit this vulnerability to cause the application to crash. IBM Notes consumes the open source XStream library. IBM Notes has addressed these vulnerabilities.
CVE(s): CVE-2017-7957
Affected product(s) and affected version(s):
IBM Notes 9.0.1 to 9.0.1 FP8
IBM Notes 9.0 to 9.0 IF4
IBM Notes 8.5.3 to 8.5.3 FP6 IF14
IBM Notes 8.5.2 to 8.5.2 FP4 IF3
IBM Notes 8.5.1 to 8.5.1 FP5 IF3
IBM Notes 8.5 release
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2iak4md
X-Force Database: http://ift.tt/2welIEu
The post IBM Security Bulletin: IBM Notes is affected by Open Source XStream Vulnerabilities appeared first on IBM PSIRT Blog.