Security Bulletin: Vulnerability in Oracle Outside In Technology affects IBM Rational DOORS Next Generation (CVE-2015-4877, CVE-2015-4878)

Summary

IBM Rational DOORS Next Generation® is affected by a vulnerability in the Oracle Outside In Technology® that is used as a component.

Vulnerability Details

CVE-ID: CVE-2015-4877**
DESCRIPTION:** An unspecified vulnerability in Oracle Outside In Technology related to the Outside In Filters component could allow a local attacker to cause a denial of service.
CVSS Base Score: 1.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107301 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:S/C:N/I:N/A:P)

CVE-ID: CVE-2015-4878 DESCRIPTION: An unspecified vulnerability in Oracle Outside In Technology related to the Outside In Filters component could allow a local attacker to cause a denial of service.
CVSS Base Score: 1.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107302 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:S/C:N/I:N/A:P)

Affected Products and Versions

Rational DOORS Next Generation 6.0.1
Rational DOORS Next Generation 6.0
Rational DOORS Next Generation 5.0.2
Releases prior to 5.0.2 are not affected.

Remediation/Fixes

For the 6.0 and 6.0.1 releases, upgrade to version 6.0.1 iFix002 or later

• Rational DOORS Next Generation 6.0.1 iFix002

For the 5.0.2 release, upgrade to version 5.0.2 iFix012 or later

• Rational DOORS Next Generation 5.0.2 iFix012