IBM Security Bulletin: A vulnerability in SQLite affects IBM Tivoli Composite Application Manager for Transactions (CVE-2017-10989)

SQLite is vulnerable to a heap-based buffer overflow, caused by improper bounds checking in the getNodeSize function in ext/rtree/rtree.c. By using a specially crafted database, a remote attacker could overflow a buffer and cause unspecified impacts on the system.

CVE(s): CVE-2017-10989

Affected product(s) and affected version(s):

IBM Tivoli Composite Application Manager (ITCAM) for Transactions: Version 7.4 is affected

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2zc4VYo
X-Force Database: http://ift.tt/2h9mEc4

The post IBM Security Bulletin: A vulnerability in SQLite affects IBM Tivoli Composite Application Manager for Transactions (CVE-2017-10989) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2zbAlxU