Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: IBM Tivoli Netcool Configuration Manager, Open Source Apache Xalan-Java vulnerability (CVE-2014-0107) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
Apache Xalan-Java is included as separate JAR files for the compliance component which could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability to bypass the secure processing feature to load arbitrary restricted classes. CVE(s): CVE-2014-0107 Affected product(s) and affected version(s): · Affected releases/versions/platforms: 6.2.x, 6.3.x, 6.4.x · Releases/systems/configurations NOT affected: None Refer to the following More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_tivoli_netcool_configuration_manager_open_source_apache_xalan_java_vulnerability_cve_2014_0107?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-0107 ,CVE-2014-0114 ,CVE-2013-5802 ,CVE-2013-5772 ,CVE-2014-0411 ,CVE-2014-0015 ,CVE-2014-0139 ,CVE-2014-0138 ,CVE-2014-2522 and CVE-2014-0050. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-07-03 |