CVE-2020-4288

Name of the Vulnerable Software and Affected Versions IBM i2 Intelligent Analyis Platform version 9.2.1 IBM i2 Analyst's Notebook (affected versions not specified)

Description The issue is caused by a memory corruption error, which could allow a remote attacker to execute arbitrary code on the system. This can be achieved by persuading a victim to open a specially-crafted document, potentially allowing the attacker to execute arbitrary code with the privileges of the victim or cause the application to crash. The vulnerability is also related to a buffer overflow operation in memory, which may enable an attacker to cause a denial of service or execute arbitrary code using a specially created file with the ANB extension.

Recommendations For IBM i2 Intelligent Analyis Platform version 9.2.1: At the moment, there is no information about a newer version that contains a fix for this vulnerability. For IBM i2 Analyst's Notebook: At the moment, there is no information about a newer version that contains a fix for this vulnerability.