Integer Overflow Vulnerability Identified in IBM Notes via Pixman Library
Bill Malchisky July 11 2016
Although this vulnerability will not affect everyone, in talking with my customer's AVL, I decided to post it. The CVE description indicates, "Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via large height and stride values." The risk is low but real. Fortunately, the fix is easy.The risk profile for CVE-2014-9766 is available here, IBM's Security Bulletin for CVE-2014-9766 is available here, and the IBM X-Force Exchange vulnerability report indicates this has a CVSS 3.0 base score of 7.3. Read the X-Force Exhance report here.
Within IBM Notes the aspect in-scope is IBM Expeditor version 6.2.3 and 9.0.1 (Notes client specific). This affects the following versions of IBM Notes:
IBM Notes 9.0.1 FP5 and earlier release
IBM Notes 9.0 IF4 and earlier release
IBM Notes 8.5.3 FP6 IF10 and earlier release
IBM Notes 8.5.2 FP4 IF3 and earlier release
IBM Notes 8.5.1 FP5 IF3 and earlier release
IBM Notes 8.5 release
To address, simply
Notes 9.0.1 -> Get the latest Fix Pack
Notes 8.5.3 -> Get FP6 IF11 or above
More good news, IBM is willing to create a custom fix for customers with different version of Notes. So, if you have a business justification to stay with 9.0.x for example, contact IBM support or your AVL about a resolution.
Good luck. Stay safe.
- Comments [0]