Mar 29, 2017 10:00 am EDT
Categorized: High Severity
Share this post:
IBM Notes consumes Expat XML Parser for which the vulnerabilities are reported. Expat XML Parser is used by Keyview 10.22 library which is consumed by IBM Notes. IBM will address this vulnerability by updating fixes provided by HP to the existing Keyview 10.22 library.
CVE(s): CVE-2012-0876, CVE-2012-1147, CVE-2012-1148, CVE-2015-1283, CVE-2015-2716, CVE-2016-4472, CVE-2016-0718
Affected product(s) and affected version(s):
IBM Notes 9.0.1 to 9.0.1 FP7.
IBM Notes 9.0 to 9.0 IF4.
IBM Notes 8.5.3. to 8.5.3 FP6 IF13.
IBM Notes 8.5.2 to 8.5.2 FP4 IF3.
IBM Notes 8.5.1 to 8.5.1 FP5 IF3.
IBM Notes 8.5 release.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21990421
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/73868
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/73866
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/73867
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/104964
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103214
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/114683
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/113408