IBM Security Bulletin: IBM Tivoli Netcool Configuration Manager, Open Source Apache Xalan-Java vulnerability (CVE-2014-0107)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
Apache Xalan-Java is included as separate JAR files for the compliance component which could allow a remote attacker to bypass security restrictions. An attacker could exploit this vulnerability to bypass the secure processing feature to load arbitrary restricted classes. CVE(s): CVE-2014-0107 Affected product(s) and affected version(s): · Affected releases/versions/platforms: 6.2.x, 6.3.x, 6.4.x · Releases/systems/configurations NOT affected: None Refer to the following
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_tivoli_netcool_configuration_manager_open_source_apache_xalan_java_vulnerability_cve_2014_0107?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2014-0107 ,CVE-2014-0114 ,CVE-2013-5802 ,CVE-2013-5772 ,CVE-2014-0411 ,CVE-2014-0015 ,CVE-2014-0139 ,CVE-2014-0138 ,CVE-2014-2522 and CVE-2014-0050. |