PT-2017-8310 · IBM · IBM Cognos TM1

Published: 2017-04-17 · Updated: 2017-04-21 · CVE-2016-3036

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: IBM Cognos TM1 versions 10.1 through 10.2

Description: A stack-based buffer overflow occurs when parsing packets. A remote attacker could exploit this to cause a denial of service.

Recommendations: For versions 10.1 and 10.2, apply the necessary patch or update to fix the stack-based buffer overflow issue. As a temporary workaround, consider restricting access to the packet parsing functionality to minimize the risk of exploitation.

Fix

DoS

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2016-3036

Affected Products

IBM Cognos TM1