IBM Security Bulletin: Vulnerabilities in cURL component shipped with ClearCase (CVE-2014-0139)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
An attacker could send a specially-crafted certificate to impersonate a server. CVE(s): CVE-2014-0139 Affected product(s) and affected version(s): The cURL component is only used in the CMI integration and in the OSLC-based ClearQuest integration. ClearCase client version Status 8.0.1 through 8.0.1.4 Affected 8.0 through 8.0.0.11 Affected 7.1.2 through 7.1.2.14 Affected 7.1.0.x, 7.1.1.x (all versions and fix packs) Not affected 7.0.x Not
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerabilities_in_curl_component_shipped_with_clearcase_cve_2014_0139?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2014-0139 ,CVE-2014-3566 ,CVE-2014-6457 and CVE-2014-6468. |