High Severity

IBM Security Bulletin: Open Source Expat XML Parser Vulnerabilities for IBM Notes

Share this post:

IBM Notes consumes Expat XML Parser for which the vulnerabilities are reported. Expat XML Parser is used by Keyview 10.22 library which is consumed by IBM Notes. IBM will address this vulnerability by updating fixes provided by HP to the existing Keyview 10.22 library.

CVE(s): CVE-2012-0876, CVE-2012-1147, CVE-2012-1148, CVE-2015-1283, CVE-2015-2716, CVE-2016-4472, CVE-2016-0718

Affected product(s) and affected version(s):

IBM Notes 9.0.1 to 9.0.1 FP7.
IBM Notes 9.0 to 9.0 IF4.
IBM Notes 8.5.3. to 8.5.3 FP6 IF13.
IBM Notes 8.5.2 to 8.5.2 FP4 IF3.
IBM Notes 8.5.1 to 8.5.1 FP5 IF3.
IBM Notes 8.5 release.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21990421
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/73868
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/73866
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/73867
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/104964
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/103214
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/114683
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/113408

More stories

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester

Jun 25, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable CVEs. CVE(s): CVE-2019-10245 Affected product(s) and affected version(s):Rational Performance Tester versions 8.6, 8.7, 9.0, 9.1, 9.2 and 9.5. Refer to the following reference URLs ...read more


IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester

Jun 25, 2019 9:01 am EDT | High Severity

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 and IBM® Runtime Environment Java™ Version 8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable CVEs. CVE(s): CVE-2019-10245 Affected product(s) and affected version(s):Rational Service Tester versions 8.6, 8.7, 9.0, 9.1, 9.2, 9.5. Refer to the following reference URLs for ...read more


IBM Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Access Manager Appliance

Jun 22, 2019 9:01 am EDT | High Severity

Multiple Security vulnerabilities have been fixed in the 9.0.7 IBM Security Access Manager (ISAM) appliance. CVE(s): CVE-2018-0732, CVE-2018-0739, CVE-2017-3735, CVE-2019-4152, CVE-2019-4151, CVE-2019-4150, CVE-2019-4153, CVE-2019-4156, CVE-2019-4157, CVE-2019-4158, CVE-2019-5953, CVE-2019-9636, CVE-2019-4135, CVE-2013-2197, CVE-2016-10542, CVE-2016-5725, CVE-2018-16850, CVE-2017-7546, CVE-2017-12172, CVE-2016-7048, CVE-2016-0766, CVE-2019-4145 Affected product(s) and affected version(s):ISAM 9.0.1, 9.0.2 9.0.3, 9.0.4, 9.0.5, 9.0.6 ISAM Appliance 9.0.1, 9.0.2 9.0.3, 9.0.4, ...read more