IBM Support

Security Bulletin: Gdal vulnerabilities affect IBM Netezza Analytics for NPS

Security Bulletin


Summary

IBM Netezza Analytics for NPS uses gdal version 1.7.2. IBM Netezza Analytics for NPS has addressed the applicable CVEs.

Vulnerability Details

CVEID:   CVE-2011-3045
DESCRIPTION:   libpng is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the png_inflate() function. By persuading a victim to open a specially-crafted Portable Network Graphics (PNG) image file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/74000 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVEID:   CVE-2013-6629
DESCRIPTION:   Google Chrome could allow a remote attacker to obtain sensitive information, caused by an error in the get_sos() function within the libjpeg and libjpeg-turbo libraries. An attacker could exploit this vulnerability to read uninitialized memory and obtain sensitive information.
CVSS Base score: 5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/88783 for the current score.
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID:   CVE-2017-15232
DESCRIPTION:   libjpeg-turbo is vulnerable to a denial of service, caused by a NULL pointer dereference in jdpostct.c and jquant1.c. By persuading a victim to open a specially crafted JPEG file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/133309 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID:   CVE-2012-2806
DESCRIPTION:   libjpeg-turbo is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the get_sos() function. By persuading a victim to open a specially-crafted JPEG image, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/76952 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVEID:   CVE-2013-6630
DESCRIPTION:   Google Chrome could allow a remote attacker to obtain sensitive information, caused by an error in the get_dht() function within the libjpeg and libjpeg-turbo libraries. An attacker could exploit this vulnerability to read uninitialized memory and obtain sensitive information.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/88784 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVEID:   CVE-2011-3048
DESCRIPTION:   libpng could allow a remote attacker to execute arbitrary code on the system, caused by an error in the png_set_text_2() function. By persuading a victim to open a specially-crafted Portable Network Graphics (PNG) image file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/74494 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVEID:   CVE-2008-3964
DESCRIPTION:   libpng is vulnerable to a denial of service, caused by an off-by-one error in the png_push_read_zTXt() function. By persuading a victim to view a PNG image containing specially-crafted zTXt chunks, an attacker could cause the affected application to crash.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/44928 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVEID:   CVE-2011-2501
DESCRIPTION:   libpng is vulnerable to a denial of service, caused by an off-by-one error in pngerror.c. By persuading a victim to view a specially-crafted PNG image file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/68517 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVEID:   CVE-2015-7981
DESCRIPTION:   libpng could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in the png_convert_to_rfc1123 function. An attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/107740 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:   CVE-2011-2691
DESCRIPTION:   libpng is vulnerable to a denial of service, caused by a NULL pointer dereference error in the png_default_error() function. By sending a specially-crafted string, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/68537 for the current score.
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:   CVE-2017-12652
DESCRIPTION:   An unspecified error with improper validation of length of chunks against the user limit in libpng has an unknown impact and attack vector.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/163589 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:   CVE-2010-1205
DESCRIPTION:   libpng is vulnerable to a buffer overflow, caused by improper bounds checking by progressive applications when handling image row data. By sending an extra image row data beyond the reported height in the header, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/59815 for the current score.
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVEID:   CVE-2015-8472
DESCRIPTION:   libpng is vulnerable to a buffer overflow, caused by improper bounds checking by the png_get_PLTE() and png_set_PLTE() functions. By persuading a victim to open a specially crafted PNG image, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 6.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/109392 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)

CVEID:   CVE-2011-2692
DESCRIPTION:   libpng is vulnerable to a denial of service, caused by an error when processing invalid sCAL chunks. By persuading a victim to view a specially-crafted PNG image file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/68536 for the current score.
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVEID:   CVE-2015-8540
DESCRIPTION:   libpng is vulnerable to a buffer overflow, caused by a read underflow in png_check_keyword in pngwutil.c. By sending an overly long argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 9.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/109219 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2016-10087
DESCRIPTION:   libpng is vulnerable to a denial of service, caused by a NULL pointer dereference in the png_set_text_2 function. By loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure, a remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/124207 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2015-8126
DESCRIPTION:   libpng is vulnerable to a buffer overflow, caused by improper bounds checking by the png_set_PLTE() and png_get_PLTE() functions. By persuading a victim to open a specially-crafted PNG file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/108010 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:   CVE-2012-3425
DESCRIPTION:   libpng is vulnerable to a denial of service, caused by an out-of-bounds read. A remote attacker could exploit this vulnerability to crash the vulnerable library.
CVSS Base score: 5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/77165 for the current score.
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVEID:   CVE-2018-17000
DESCRIPTION:   LibTIFF is vulnerable to a denial of service, caused by a NULL pointer dereference in the _TIFFmemcmp function in tif_unix.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/149860 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID:   CVE-2018-19210
DESCRIPTION:   LibTIFF is vulnerable to a denial of service, caused by a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/152872 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID:   CVE-2019-14973
DESCRIPTION:   LibTIFF is vulnerable to a denial of service, caused by an iInteger overflow in the _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/165333 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID:   CVE-2017-11613
DESCRIPTION:   LibTIFF is vulnerable to a denial of service, caused by a flaw in the TIFFOpen function. By using a specially-crafted file, an attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/129463 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID:   CVE-2017-5563
DESCRIPTION:   LibTIFF is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the tif_lzw.c. By persuading a victim to open a specially-crafted bmp image file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/121605 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:   CVE-2018-15209
DESCRIPTION:   LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer overflow in the ChopUpSingleUncompressedStrip in tif_dirread.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/148105 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)

CVEID:   CVE-2018-16335
DESCRIPTION:   LibTIFF is vulnerable to a denial of service, caused by a heap-baesd buffer overflow in the newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 5.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/149245 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s)Version(s)
IBM Netezza Analytics for NPSAll versions upto 11.2.24

Remediation/Fixes

ProductVRMFRemediation/First Fix  
IBM Netezza Analytics for NPS
11.2.25Link to Fix Central
 

Note: IBM Netezza Analytics for NPS addresses above CVEs by removing gdal from IBM Netezza Analytics for NPS.

Workarounds and Mitigations

None

Get Notified about Future Security Bulletins

Subscribe to My Notifications to be notified of important product support alerts like this.

References

Complete CVSS v3 Guide
On-line Calculator v3

Off

Related Information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

12 Apr 2022: Original Publication

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

Document Location

Worldwide

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSUSQ8","label":"IBM Netezza Analytics"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All versions","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
03 June 2022

UID

ibm16572711

Page Feedback