Medium Severity

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2019-16168)

Share this post:

SQLite is vulnerable to a denial of service, caused by missing validation of a sqlite_stat1 sz field in whereLoopAddBtreeIndex in sqlite3.c. By providing specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash.

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
IBM Performance Management – Response Time Monitoring Agent 8.1.3
IBM Cloud Application Performance Management – Response Time Monitoring Agent 8.1.4
IBM Tivoli Composite Application Manager for Transactions (Response Time) 7.4.0.1
IBM Tivoli Composite Application Manager for Transactions (Response Time) 7.4.0.2

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1274422

More stories

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Tivoli Netcool Impact (CVE-2019-4304)

Mar 25, 2020 8:00 pm EDT | Medium Severity

IBM WebSphere Application Server Liberty is shipped as a component of IBM Tivoli Netcool Impact. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. ...read more


Security Bulletin: Security vulnerability is identified in Apache POI server where Rational Asset Manager is deployed (CVE-2019-12415)

Mar 24, 2020 8:01 pm EDT | Medium Severity

The Apache POI that is bundled along with Rational Asset Manager has a potential security vulnerability, which could be exploited by a remote attacker to obtain sensitive information. Respective security vulnerabilities are discussed in detail in the subsequent sections. ...read more


Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Impact (CVE-2019-4441)

Mar 24, 2020 8:00 pm EDT | Medium Severity

IBM WebSphere Application Server is shipped as a component of IBM Tivoli Netcool Impact. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. ...read more