Medium Severity

IBM Security Bulletin: IBM Notes Open Source Expat Vulnerabilities disclosure


IBM Notes uses the Expat XML Parser, for which vulnerabilities have been reported. Expat is used by the Keyview 10.22 library, which IBM Notes consumes. IBM will address these vulnerabilities by applying fixes provided by HP to the existing Keyview 10.22 library.

CVE(s): CVE-2012-6702, CVE-2016-5300

Affected product(s) and affected version(s):

IBM Notes 9.0.1 to 9.0.1 FP7
IBM Notes 9.0 to 9.0 IF4
IBM Notes 8.5.3 to 8.5.3 FP6 IF13
IBM Notes 8.5.2 to 8.5.2 FP4 IF3
IBM Notes 8.5.1 to 8.5.1 FP5 IF3
IBM Notes 8.5 release

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21990658
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/114541
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/114435
