-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2012.1057
   Potential security vulnerability in CLM 3.x products for the Oracle
                      June 2012 CPU (CVE-2012-1713)
                               6 November 2012

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Rational Quality Manager
                   IBM Rational Team Concert
                   IBM Rational Requirements Composer
Publisher:         IBM
Operating System:  AIX
                   Linux variants
                   Solaris
                   Windows
                   z/OS
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Create Arbitrary Files          -- Remote with User Interaction
                   Access Privileged Data          -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2012-1713
Reference:         ASB-2012.0085
                   ESB-2012.1011

Original Bulletin:
   http://www-01.ibm.com/support/docview.wss?uid=swg21615854

- --------------------------BEGIN INCLUDED TEXT--------------------

Security Bulletin: Potential security vulnerability in CLM 3.x products for
the Oracle June 2012 CPU (CVE-2012-1713)

Flash (Alert)

Abstract

The v3 releases of CLM products (Rational Quality Manager, Rational Team
Concert, and Rational Requirements Composer) are shipped with an IBM Java that
is based on the Oracle Java. Oracle has released a June 2012 Critical Patch
Update (CPU) which contains security vulnerability fixes, and the IBM Java is
affected.

Content

VULNERABILITY DETAILS

CVE ID: CVE-2012-1713

DESCRIPTION: This issue involves a buffer overrun in the Java platform's Font
parsing code. An attacker can potentially place arbitrary data into any
location on the host machine using a maliciously crafted font file.
This issue involves an internal cache in the Java platform's font scaling
code, which may incorrectly be freed from memory by one part of the code (on
an error condition) while it is still in use by another. This scenario will
usually lead to a crash.

An attacker may access arbitrary data within the process address space by
crafting a malicious font with invalid character map (CMAP) data.
Specifically, an attacker can inject an offset which points to a location
outside the CMAP data block.

An attacker is potentially able to pass execution to arbitrary code under
certain circumstances via a malicious font file containing a specially
crafted hinting program.

CVSS:
CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/76239 for the
current score
CVSS Environmental Score*: Undefined
CVSS Vector: Undefined

REMEDIATION: The recommended solution is to apply the fix for each named
product as soon as practical. Please see below for information on the fixes
available.

Fix: For the affected products, the 3.0.1.5 fix pack includes an updated IBM
Java version which addresses these security issues.

Rational Team Concert 3.0.1.5
Rational Quality Manager 3.0.1.5
Rational Requirements Composer 3.0.1.5

Workaround: None.

REFERENCES:
IBM Security Alerts: Oracle June 2012 Security Alert.
Oracle Java SE Critical Patch Update Advisory - June 2012.

Cross reference information

Segment               Product                  Component       Version
Software Development  Rational Team Concert    Not Applicable  3.0.1, 3.0.1.1,
                                                               3.0.1.2, 3.0.1.3,
                                                               3.0.1.4
Software Development  Rational Requirements    Not Applicable  3.0.1, 3.0.1.1,
                      Composer                                 3.0.1.2, 3.0.1.3,
                                                               3.0.1.4

Copyright and trademark information

IBM, the IBM logo and ibm.com are trademarks of International Business
Machines Corp., registered in many jurisdictions worldwide. Other product and
service names might be trademarks of IBM or other companies.
A current list of IBM trademarks is available on the Web at "Copyright and
trademark information" at www.ibm.com/legal/copytrade.shtml.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If you do
not know who that is, please send an email to auscert@auscert.org.au and we
will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for
consequences which may arise from following or acting on information or
advice contained in this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not
be updated when updates to the original are made. If downloading at a later
date, it is recommended that the bulletin is retrieved directly from the
author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in
the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBUJi4P+4yVqjM2NGpAQJwog//T+ZbN/tPfZcDMzEeyI91YIHJOreLwVfM
ybQ6e+YKwcFmDqwPGByk2UsvE0Wt4HbUhJhC9zZ6+JG4AgyOU2jnNNlnPTc1H66N
+EhM7fD3xi/GKbam4+8VG32At+f6nCZFtPzXygHieaopKDTgKjZIgd+lZTPhD47a
7UjtupJnJ09kGN1xAj6xvkORsFnES8EtYrcPToTfpghlwduJeGJJxBq3urVagY/Y
6UEMq0ZQHkh9oElI3nOVSG6DbsCFeGqnv4b4uv66rRbP7UD8/n0DydNHTjMeyG7A
It6VYtDZt70n71iYeOJYkYxB/lz2qXFBvBIF2Kn0lSBHVA7PIA3rLpMI7UtiN7Ti
PZpays3/6v1VOhaZJ7/ZVU30NzMajTdoBSfL0e0NlBWEJCYh6iwqqRzz2dDtGWu8
vCbpkCPDJy2v7SElgbLXGJEUzGRDaceINOg8stZ/6RJQF/WsC9tieq/2OPS5DKHi
1yFQh0mb5R/b2aMfBjVxH7IVnbcU3gbQ6LprBU9jwuAXau3SqiEhjNTYGZ4At4vu
l6awgXmaPAJ39AtPe1YN2QzHZiX2lErTj6oRoGk2rszUlMSSgbbEVkZuxLN7m4q6
8IjiK0RC6ec2P/vq1wJav92hSyNVLkmk65kP4hKE32HeS/ZvImbtS3EIVD7lxDVA
JD0Cz5rFLmE=
=sKsn
-----END PGP SIGNATURE-----
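Editor's added example (placed after the signed message so the bulletin text itself is untouched; this is not IBM's, Oracle's or the JDK's font code). The description above says the CMAP issue is an encoding-record offset that points outside the CMAP data block. The C below walks the header of a TrueType 'cmap' table in the documented layout (uint16 version, uint16 numTables, then 8-byte encoding records each carrying a uint32 subtable offset, each subtable starting with uint16 format and uint16 length) and shows the vulnerable pattern, trusting the offset as read, next to the hardened one, which checks every offset and length against the table size with arithmetic that cannot wrap. The two table byte arrays are constructed for the illustration; the function names and status codes are the example's own. It only illustrates the class of check; the remediation remains the 3.0.1.5 fix pack.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative 'cmap' header walker (added example, not JDK code).
 * Layout, all big-endian:
 *   uint16 version, uint16 numTables,
 *   numTables x { uint16 platformID, uint16 encodingID, uint32 offset }
 * Each offset points at a subtable beginning with uint16 format, uint16 length
 * (formats 0/2/4/6; the 32-bit-length formats are rejected here for brevity). */
enum { CMAP_HEADER_LEN = 4, CMAP_RECORD_LEN = 8, SUBTABLE_MIN_LEN = 4 };

typedef enum {
    CMAP_OK = 0,
    CMAP_ERR_HEADER,    /* table shorter than its fixed header */
    CMAP_ERR_RECORD,    /* record index beyond numTables or beyond the buffer */
    CMAP_ERR_OFFSET,    /* subtable offset points outside the table */
    CMAP_ERR_SUBTABLE   /* unsupported format, or length runs past the table */
} cmap_status;

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Vulnerable pattern: the offset is taken straight from the record with no
 * comparison against the table size. (This only returns the number and never
 * dereferences it, so it is safe to run.) */
uint32_t naive_subtable_offset(const uint8_t *cmap, unsigned index) {
    return be32(cmap + CMAP_HEADER_LEN + index * CMAP_RECORD_LEN + 4);
}

/* Hardened pattern: every field used as an index or length is checked against
 * len before anything behind it is read. offset_out/format_out may be NULL. */
cmap_status checked_subtable(const uint8_t *cmap, size_t len, unsigned index,
                             uint32_t *offset_out, uint16_t *format_out) {
    if (len < CMAP_HEADER_LEN) return CMAP_ERR_HEADER;
    uint16_t num_tables = be16(cmap + 2);
    if (index >= num_tables) return CMAP_ERR_RECORD;
    size_t rec = CMAP_HEADER_LEN + (size_t)index * CMAP_RECORD_LEN;
    /* "rec + 8 > len" could wrap; "8 > len - rec" after "rec > len" cannot. */
    if (rec > len || CMAP_RECORD_LEN > len - rec) return CMAP_ERR_RECORD;
    uint32_t off = be32(cmap + rec + 4);
    /* The subtable header must lie inside the table. Written as
     * off > len - 4 rather than off + 4 > len so 0xFFFFFFFx cannot wrap. */
    if (off > len - SUBTABLE_MIN_LEN) return CMAP_ERR_OFFSET;
    uint16_t format = be16(cmap + off);
    if (format != 0 && format != 2 && format != 4 && format != 6)
        return CMAP_ERR_SUBTABLE;
    uint16_t sub_len = be16(cmap + off + 2);
    if (sub_len < SUBTABLE_MIN_LEN || sub_len > len - off) return CMAP_ERR_SUBTABLE;
    if (offset_out) *offset_out = off;
    if (format_out) *format_out = format;
    return CMAP_OK;
}

/* Offset of a validated subtable, or 0 (never valid: it would overlap the
 * header) on any error. */
uint32_t checked_subtable_offset(const uint8_t *cmap, size_t len, unsigned index) {
    uint32_t off = 0;
    return checked_subtable(cmap, len, index, &off, NULL) == CMAP_OK ? off : 0;
}

/* Constructed 32-byte table: record 0 points at a well-formed format-4 stub at
 * byte 20; record 1 carries an offset (0x0001FFF0) far outside the table. */
static const uint8_t SAMPLE_CMAP[32] = {
    0x00, 0x00, 0x00, 0x02,                         /* version 0, numTables 2 */
    0x00, 0x03, 0x00, 0x01, 0x00, 0x00, 0x00, 0x14, /* (3,1) -> offset 20     */
    0x00, 0x00, 0x00, 0x03, 0x00, 0x01, 0xFF, 0xF0, /* (0,3) -> offset 131056 */
    0x00, 0x04, 0x00, 0x0C,                         /* format 4, length 12    */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  /* rest of the subtable   */
};

/* Constructed variant: one record, valid offset, but the subtable claims a
 * length of 32 when only 12 bytes remain after offset 20. */
static const uint8_t SAMPLE_CMAP_BAD_LEN[32] = {
    0x00, 0x00, 0x00, 0x01,
    0x00, 0x03, 0x00, 0x01, 0x00, 0x00, 0x00, 0x14,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, /* padding, not a record  */
    0x00, 0x04, 0x00, 0x20,                         /* format 4, length 32    */
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};

int main(void) {
    for (unsigned i = 0; i < 2; i++) {
        uint32_t off = 0;
        uint16_t fmt = 0;
        cmap_status st = checked_subtable(SAMPLE_CMAP, sizeof SAMPLE_CMAP, i, &off, &fmt);
        printf("record %u: naive offset %u, checked status %d (offset %u, format %u)\n",
               i, naive_subtable_offset(SAMPLE_CMAP, i), (int)st, off, fmt);
    }
    return 0;
}
```

Record 0 passes both paths with offset 20; for record 1 the naive path hands back 131056 as a pointer adjustment into a 32-byte table, which is exactly the out-of-block read the description attributes to a crafted CMAP, while the checked path stops at CMAP_ERR_OFFSET before touching anything. The same shape of check (bound the index, then bound the length, never add before comparing) applies to the subtable's own fields once the parser descends into them.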