Medium Severity

IBM Security Bulletin: IBM FileNet Content Manager affected by Apache PDFBox security vulnerability

Share this post:

IBM FileNet Content Manager has addressed the following security vulnerability. Apache PDFBox is vulnerable to a denial of service, caused by an out of memory exception in AFMParser. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. For more information please refer to the X-Force database entries referenced below.

CVE(s): CVE-2018-8036

Affected product(s) and affected version(s):

IBM FileNet Content Manager 5.2.1, 5.5.0, 5.5.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/docview.wss?uid=ibm10716315
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/145592

More stories

IBM Security Bulletin: IBM API Connect is affected by sensitive information leakage in LoopBack (CVE-2019-4382)

Jun 19, 2019 9:01 am EDT | Medium Severity

API Connect has addressed the following vulnerability. CVE(s): CVE-2019-4382 Affected product(s) and affected version(s): IBM API Connect 5.0.0.0-5.0.8.6 iFix 1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10886747X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162162 ...read more


IBM Security Bulletin: Information Disclosure Vulnerability Affects IBM Sterling B2B Integrator (CVE-2019-4377)

Jun 19, 2019 9:01 am EDT | Medium Severity

IBM Sterling B2B Integrator Standard Edition has addressed the information disclosure vulnerability CVE(s): CVE-2019-4377 Affected product(s) and affected version(s):IBM Sterling B2B Integrator 6.0.0.0 – 6.0.0.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10887853X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162083 ...read more


IBM Security Bulletin: API Connect V2018 is impacted by sensitive information leak (CVE-2018-2013)

Jun 19, 2019 9:01 am EDT | Medium Severity

IBM API Connect has addressed the following vulnerability. CVE(s): CVE-2018-2013 Affected product(s) and affected version(s): Affected IBM API Management Affected Versions IBM API Connect 2018.1-2018.4.1.5 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10882924X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/155193 ...read more