Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in Avaya CMS / IR, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise an application using the libxml2 library.
410c462035e1358fc4b621875b25711b0259f980a7dd1259234110a021d94f16
----------------------------------------------------------------------
Did you know? Our assessment and impact rating along with detailed
information such as exploit code availability, or if an updated patch
is released by the vendor, is not part of this mailing-list?
Click here to learn more about our commercial solutions:
http://secunia.com/advisories/business_solutions/
Click here to trial our solutions:
http://secunia.com/advisories/try_vi/
----------------------------------------------------------------------
TITLE:
Avaya CMS / IR Solaris libxml2 Integer Overflow Vulnerabilities
SECUNIA ADVISORY ID:
SA34247
VERIFY ADVISORY:
http://secunia.com/advisories/34247/
DESCRIPTION:
Avaya has acknowledged some vulnerabilities in Avaya CMS / IR, which
can be exploited by malicious people to cause a DoS (Denial of
Service) or potentially to compromise an application using the
libxml2 library.
For more information:
SA33792
The vulnerability is reported in the following products and
versions:
* Avaya CMS (version R13/R13.1, R14/R14.1, and R15)
* Avaya IR (version 3.0 and 4.0)
SOLUTION:
The vendor recommends that local and network access to the affected
systems be restricted until an update is available.
ORIGINAL ADVISORY:
http://support.avaya.com/elmodocs2/security/ASA-2009-067.htm
OTHER REFERENCES:
SA33792:
http://secunia.com/advisories/33792/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------