Home Unlabelled IBM Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM Cúram Social Program Management (CVE-2016-1000031)

IBM Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM Cúram Social Program Management (CVE-2016-1000031)

By
Wednesday, January 10, 2018
Read
Add Comment

IBM Cúram Social Program Management uses the Apache Commons FileUpload Library. Apache Commons FileUpload, as used in Novell NetIQ Sentinel and other products, could allow a remote attacker to execute arbitrary code on the system, caused by deserialization of untrusted data in DiskFileItem class of the FileUpload library.

CVE(s): CVE-2016-1000031

Affected product(s) and affected version(s):

IBM Cúram Social Program Management 7.0.2.0 – 7.0.2.0
IBM Cúram Social Program Management 7.0.0.0 – 7.0.1.1
IBM Cúram Social Program Management 6.2.0.0 – 6.2.0.6
IBM Cúram Social Program Management 6.1.0.0 – 6.1.1.6
IBM Cúram Social Program Management 6.0.5.0 – 6.0.5.10

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2CVLIMv
X-Force Database: http://ift.tt/2hLFPWm

The post IBM Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM Cúram Social Program Management (CVE-2016-1000031) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2mpaYkH
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us