Unrated severityNVD Advisory· Published Oct 11, 2023· Updated Feb 13, 2025
HCL BigFix Platform is vulnerable to an integer overflow in xerces-c++ 3.2.3
CVE-2023-37536
Description
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request.
Affected products
1- Range: 9.5 - 9.5.22, 10 - 10.0.9
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- lists.debian.org/debian-lts-announce/2023/12/msg00027.htmlmitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A6WWL4SWKAVYK6VK5YN7KZP4MZWC7IY/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AJYZUBGPVWJ7LEHRCMB5XVADQBNGURXD/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DAOSSJ72CUJ535VRWTCVQKUYT2LYR3OM/mitre
- support.hcltechsw.com/csmmitre
News mentions
0No linked articles in our index yet.