IBM i2 Analyst’s Notebook and Analyst’s Notebook Premium addressed several memory corruption vulnerabilities.
CVEID:CVE-2020-4724
**DESCRIPTION:**IBM i2 Analyst’s Notebook could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/187874 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVEID:CVE-2020-4722
**DESCRIPTION:**IBM i2 Analyst’s Notebook could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/187870 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVEID:CVE-2020-4723
**DESCRIPTION:**IBM i2 Analyst’s Notebook could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/187873 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
CVEID:CVE-2020-4721
**DESCRIPTION:**IBM i2 Analyst’s Notebook could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/187868 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM i2 Analyst’s Notebook | IBM i2 Analyst’s Notebook 9.2.0 |
IBM i2 Analyst’s Notebook | IBM i2 Analyst’s Notebook 9.2.1 |
Please download updates from IBM Fix Central using the links below
Analyst’s Notebook
https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=i2&product=ibm/Other+software/i2+Analysts+Notebook&release=9.2.2.0&platform=Windows&function=all
Analyst’s Notebook Premium
https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=i2&product=ibm/Other+software/i2+Analysts+Notebook+Premium&release=9.2.2.0&platform=Windows&function=all
None