Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
SEVERITY: MEDIUM
CATEGORY: VULNERABILITY
ANALYSIS SUMMARY:
IBM Lotus Protector for mail security has now released updates for a previously disclosed vulnerability identified as CVE-2018-12882. The flaw is that the exif_read_from_impl function in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function. Successful exploitation of the flaw causes Denial of Service condition.
Vendor has released fixes for the vulnerability.
AFFECTED PRODUCTS
IMPACT
Denial of service with application crash.
REMEDIATION
Vendor has released fixes for this vulnerability.
A php-upgrade-7_2_7 will solve the problem.
For IBM Lotus Protector for mail security, follow the vendor’s link below:
https://www-01.ibm.com/support/docview.wss?uid=ibm10787455