CVE-2017-1495Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM Infosphere Information Server

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents4 sources
Severity
4.9MEDIUMNVD
EPSS
0.3%
top 50.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Infosphere Information Server
Timeline
PublishedAug 2
Latest updateMay 17

Description

IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a privileged user to cause a memory dump that could contain highly sensitive information including access credentials. IBM X-Force ID: 128693.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/infosphere_information_server11.3, 11.5, 9.1+2
NVDibm/infosphere_information_server11.3, 11.5, 9.1+2

🔴Vulnerability Details

2
GHSA
GHSA-7w2h-52xv-3984: IBM InfoSphere Information Server 92022-05-17
CVEList
CVE-2017-1495: IBM InfoSphere Information Server 92017-08-02

💬Community

3
Bugzilla
CVE-2017-5087 chromium-browser: sandbox escape in indexeddb2017-06-16
Bugzilla
CVE-2017-5088 chromium-browser: out of bounds read in v82017-06-16
Bugzilla
CVE-2017-5089 chromium-browser: domain spoofing in omnibox2017-06-16
CVE-2017-1495 — IBM vulnerability | cvebase