Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2020-9327)

Summary In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. Vulnerability Details CVEID: CVE-2020-9327 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a NULL pointer...

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2019-19925, CVE-2019-19645, CVE-2019-19924, CVE-2019-19923, CVE-2019-19880, CVE-2019-19646, CVE-2019-19926)

Summary SQLite is vulnerable to a denial of service. Vulnerability Details CVEID: CVE-2019-19925 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by the mishandling of a NULL pathname in the zipfileUpdate function in ext/misc/zipfile.c. By sending a specially-crafted request, a...

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2019-19959, CVE-2019-20218)

Summary SQLite is vulnerable to a denial of service, caused by the mishandling of certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames. By using a specially-crafted filename, a remote attacker could exploit this vulnerability to cause a denial of service...

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment Response Time Monitoring Agent (CVE-2019-16168)

Summary SQLite is vulnerable to a denial of service, caused by missing validation of a sqlitestat1 sz field in whereLoopAddBtreeIndex in sqlite3.c. By providing specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. Vulnerability Details...

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2019-16168)

Summary SQLite is vulnerable to a denial of service, caused by missing validation of a sqlitestat1 sz field in whereLoopAddBtreeIndex in sqlite3.c. By providing specially-crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. Vulnerability Details...

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2019-8457)

Summary SQLite is vulnerable to a denial of service, caused by a heap out-of-bound read in the rtreenode function when handling invalid rtree tables. A remote attacker could exploit this vulnerability to cause the application to crash. Vulnerability Details CVEID: CVE-2019-8457 DESCRIPTION: SQLit...

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent and IBM Tivoli Composite Application Manager for Transactions (CVE-2018-8740)

Summary SQLite is vulnerable to a denial of service, caused by a NULL pointer dereference in the src/build.c, src/prepare.c. By using a corrupted SQLite3 database file, a remote attacker could exploit this vulnerability to cause the application to crash. Vulnerability Details CVEID: CVE-2018-8740...

Security Bulletin: A vulnerability in Apache Xerces-C XML Parser library affects IBM Performance Management products (CVE-2016-0729 )

Summary Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds checking during processing and error reporting. By sending specially crafted input documents, an attacker could exploit this vulnerability to cause the library to crash or possibly execute...

CVE-2018-1441

IBM Application Performance Management - Response Time Monitoring Agent IBM Monitoring 8.1.3 and 8.1.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credential...

CVE-2018-1441

The CVE-2018-1441 entry concerns IBM Application Performance Management – Response Time Monitoring Agent used with IBM Monitoring 8.1.3 and 8.1.4. Vulnerability type: cross-site scripting in the Web UI that can lead to credentials disclosure within a trusted session. Affected products/versions in...

IBM Application Performance Management-Response Time Monitoring Agent Cross-Site Request Forgery Vulnerability

IBM Application Performance Management-Response Time Monitoring Agent is a program response time monitoring agent for application performance management from IBM USA. A cross-site request forgery vulnerability exists in IBM Application Performance Management-Response Time Monitoring Agent. A remo...

CVE-2018-1442

IBM Application Performance Management - Response Time Monitoring Agent IBM Monitoring 8.1.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139598...