VisiBroker 8.5 Service Pack 4 Hotfix 3 Security Fixes
VisiBroker 8.5 Service Pack 4 Hotfix 3All supported platforms.
The following CVEs are addressed in VisiBroker 8.5 Service Pack 4 Hotfix 3.
CVE-2017-9281: Integer Overflow (CWE-190) and Out-of-Bounds Read (CWE-125) An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service.
CVE-2017-9282: Integer Overflow (CWE-190) and Out-of-Bounds Write (CWE-787) An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed.
CVE-2017-9283: Out-of-Bounds Read (CWE-125) An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed.
The three CVEs described above (CVE-2017-9281, CVE-2017-9282, CVE-2017-9183) have been addressed in VisiBroker 8.5 Service Pack 4 Hotfix 3, available from the Micro Focus Product Update page.
Micro Focus would like to thank Wolfgang Ettlinger (discovery, analysis, coordination) from the SEC Consult Vulnerability Lab (https://www.sec-consult.com/) for responsibly reporting these issues and working with us as we addressed them.
Question... Are these CVEs in all of Visibroker 8.5, any service pack up to (not including) 4? My application currently uses Visibroker 8.5 SP3 and we would like to know if we have to upgrade to SP4 (HF3) to address these issues. Thanks in advance! -pct
We can confirm the above vulnerabilities were also present in ealier service packs. As such, we recommend upgrading to service pack 4 hotfix 3 to address them.
Please note, the above CVEs can only impact applications not using transport-level security. Any applications which are using TLS will not be impacted.
Additionally, the vulnerabilities affect C++ applications only. Java applications are safe.
Hi friends, today I m talking to you amazing site for download free and safe browsers. Firefox is the best browser you can download just click on the link https://foxdownload.org Download Firefox for Windows 10