IBM DataPower Gateways has addressed vulnerabilities in processing certain XML files that could cause a denial of service or obtain sensitive information.
CVEID: CVE-2016-4448**
DESCRIPTION:** libxml2
could allow a remote attacker to execute arbitrary code on the system, caused by a format string error. By using a specially crafted HTML file that contains malicious format specifiers, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 7.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/113523 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2016-4449**
DESCRIPTION:** libxml2
could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/113524 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID: CVE-2016-3627**
DESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by an error in the xmlStringGetNodeList()
function when parsing xml files while in recover mode. An attacker could exploit this vulnerability to exhaust the stack and cause a segmentation fault.
CVSS Base Score: 5.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111586 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
CVEID: CVE-2016-3705**
DESCRIPTION:** libxml2
is vulnerable to a stack-based buffer overflow, caused by an out-of-bounds read of xmlParserEntityCheck()
and xmlParseAttValueComplex()
functions in parser.c
. By persuading a victim to open a specially crafted XML file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base Score: 6.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/112885 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
CVEID: CVE-2016-4447**
DESCRIPTION:** libxml2
is vulnerable to a denial of service, caused by a heap-based buffer overflow. By persuading a victim to open a specially crafted XML file, a remote attacker could overflow a buffer and cause the application to crash.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/113522 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
IBM DataPower Gateways versions 7.2.0.0 to 7.2.0.8, 7.5.0.0 to 7.5.0.2, and 7.5.1.0 to 7.5.1.1.
Fix is available in versions 7.2.0.9, 7.5.0.3, and 7.5.1.2. Refer to APAR IT16307 for URLs to download the fix.
You should verify applying this fix does not cause any compatibility issues.
_For DataPower customers using versions 6.x and earlier versions, IBM recommends upgrading to a fixed, supported version/release/platform of the product. _
None