Home Unlabelled IBM Security Bulletin: IBM API Connect is affected by an Apache HTTP Server vulnerability (CVE-2014-0226)

IBM Security Bulletin: IBM API Connect is affected by an Apache HTTP Server vulnerability (CVE-2014-0226)

By
Thursday, April 19, 2018
Read
Add Comment

Apr 19, 2018 9:01 am EDT

Categorized: High Severity

Share this post:

IBM API Connect has addressed the following vulnerability.  Apache HTTP Server is vulnerable to a heap-based buffer overflow, caused by a race condition in the mod_status module when handling the scoreboard. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVE(s): CVE-2014-0226

Affected product(s) and affected version(s):

Affected API ConnectAffected Versions
IBM API Connect5.0.0.0-5.0.6.5
IBM API Connect5.0.7.0-5.0.7.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22015233
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/94678



from IBM Product Security Incident Response Team https://ift.tt/2JWNDAW
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us