IBM Security Bulletin: A vulnerability in the SQLite component of the Response Time agent affects IBM Performance Management products
SQLite is vulnerable to a heap-based buffer overflow, caused by improper bounds checking in the getNodeSize function in ext/rtree/rtree.c. By using a specially crafted database, a remote attacker could overflow a buffer and cause unspecified impacts on the system.
CVE(s): CVE-2017-10989
Affected product(s) and affected version(s):
IBM Monitoring 8.1.3
IBM Application Performance Management 8.1.3
IBM Application Performance Management Advanced 8.1.3
IBM Cloud Application Performance Management, Base Private 8.1.4
IBM Cloud Application Performance Management, Advanced Private 8.1.4
IBM Cloud Application Performance Management
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2iCoajw
X-Force Database: http://ift.tt/2h9mEc4
The post IBM Security Bulletin: A vulnerability in the SQLite component of the Response Time agent affects IBM Performance Management products appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2iCip5l