Multiple vulnerabilities in IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data



Risk High
Patch available YES
Number of vulnerabilities 35
CVE-ID CVE-2023-48235
CVE-2023-4752
CVE-2023-4781
CVE-2023-48231
CVE-2023-48232
CVE-2023-48233
CVE-2023-48234
CVE-2023-48236
CVE-2023-4750
CVE-2023-48237
CVE-2023-48706
CVE-2023-5344
CVE-2023-5441
CVE-2023-5535
CVE-2024-22667
CVE-2023-4751
CVE-2023-4738
CVE-2022-4292
CVE-2023-1127
CVE-2022-4293
CVE-2023-0049
CVE-2023-0051
CVE-2023-0054
CVE-2023-0288
CVE-2023-0433
CVE-2023-0512
CVE-2023-1170
CVE-2023-4735
CVE-2023-1175
CVE-2023-1264
CVE-2023-2609
CVE-2023-2610
CVE-2023-46246
CVE-2023-4733
CVE-2023-4734
CWE-ID CWE-190
CWE-416
CWE-122
CWE-476
CWE-121
CWE-119
CWE-369
CWE-697
CWE-125
CWE-787
Exploitation vector Network
Public exploit N/A
Vulnerable software
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 
Server applications / Other server solutions

Vendor IBM Corporation

Security Bulletin

This security bulletin contains information about 35 vulnerabilities.

1) Integer overflow

EUVDB-ID: #VU83388

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48235

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow when parsing relative ex addresses. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU80506

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4752

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a use-after-free error within the ins_compl_get_exp() function in insexpand.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.


Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Heap-based buffer overflow

EUVDB-ID: #VU80474

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4781

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a boundary error within the vim_regsub_both() function. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Use-after-free

EUVDB-ID: #VU83392

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48231

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error when closing the window. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Integer overflow

EUVDB-ID: #VU83391

Risk: Low

CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48232

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the 'n' flag. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Integer overflow

EUVDB-ID: #VU83390

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48233

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow if the count after the :s command is larger than what fits into a (signed) long variable. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Integer overflow

EUVDB-ID: #VU83389

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48234

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow when using the z= command. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Integer overflow

EUVDB-ID: #VU83387

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48236

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow when using the z= command. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU80505

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4750

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a use-after-free error within the is_qf_win() function in quickfix.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Integer overflow

EUVDB-ID: #VU83386

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48237

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow when shifting lines in operator pending mode. A remote attacker can trick the victim to open a specially crafted file, trigger an integer overflow and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free

EUVDB-ID: #VU83442

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-48706

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the ex_substitute() function in src/charset.c when executing the ":s" command. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and crash the application.


Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Heap-based buffer overflow

EUVDB-ID: #VU81486

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5344

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the trunc_string() function in message.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) NULL pointer dereference

EUVDB-ID: #VU82311

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5441

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in src/gui.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Use-after-free

EUVDB-ID: #VU82310

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5535

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the editing_arg_idx() function. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Stack-based buffer overflow

EUVDB-ID: #VU87189

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-22667

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the did_set_langmap() function in map.c. A remote attacker can trick the victim to open a specially crafted file, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Heap-based buffer overflow

EUVDB-ID: #VU81488

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4751

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the utfc_ptr2len() function in mbyte.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Buffer overflow

EUVDB-ID: #VU80504

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4738

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a boundary error within the vim_regsub_both() function in src/regexp.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Use-after-free

EUVDB-ID: #VU70134

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-4292

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the did_set_spelllang() funtion in spell.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error  and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Division by zero

EUVDB-ID: #VU73169

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1127

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a divide by zero error within the scrolldown() function in move.c. A remote attacker can trick the victim to open a specially crafted file and crash the editor.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Incorrect Comparison

EUVDB-ID: #VU70135

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-4293

CWE-ID: CWE-697 - Incorrect Comparison

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a floating point exception within the num_divide() function in eval.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Out-of-bounds read

EUVDB-ID: #VU70721

Risk: Low

CVSSv3.1: 3.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0049

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the build_stl_str_hl() function in buffer.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Heap-based buffer overflow

EUVDB-ID: #VU70722

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0051

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the msg_puts_printf(0 function in message.c. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Out-of-bounds write

EUVDB-ID: #VU70723

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0054

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input within the do_string_sub() function in eval.c. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Heap-based buffer overflow

EUVDB-ID: #VU71560

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0288

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the ml_append_int() function in memline.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Heap-based buffer overflow

EUVDB-ID: #VU71558

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0433

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the same_leader() and utfc_ptr2len() function. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Division by zero

EUVDB-ID: #VU72341

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0512

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a divide by zero in the adjust_skipcol() function in move.c. A remote attacker can trick the victim to open a specially crafted file and crash the editor.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Heap-based buffer overflow

EUVDB-ID: #VU73170

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1170

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the utf_ptr2char() function in mbyte.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Out-of-bounds read

EUVDB-ID: #VU80503

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4735

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the do_addsub() function in ops.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Buffer overflow

EUVDB-ID: #VU73171

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1175

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the yank_copy_line() function in register.c. A remote attacker can create a specially crafted, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) NULL pointer dereference

EUVDB-ID: #VU73172

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1264

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the utfc_ptr2len() function in mbyte.c.c. A remote attacker can trick the victim to open a specially crafted file and crash the editor.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) NULL pointer dereference

EUVDB-ID: #VU76671

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2609

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the get_register() function in register.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Integer overflow

EUVDB-ID: #VU76672

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2610

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the regtilde() function in regexp.c. A remote attacker can trick the victim to open a specially crafted file, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Integer overflow

EUVDB-ID: #VU83514

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-46246

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to integer overflow. A remote attacker can trick the victim to open a specially crafted file and perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Use-after-free

EUVDB-ID: #VU80502

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4733

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to crash the application.

The vulnerability exists due to a use-after-free error within the do_ecmd() function in ex_cmds.c. A remote attacker can trick the victim to open a specially crafted file and crash the application.


Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Integer overflow

EUVDB-ID: #VU81485

Risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-4734

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to integer overflow within the f_fullcommand() function in ex_docmd.c. A remote attacker can trick the victim to open a specially crafted file, trigger integer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data : before 5.0.1

CPE2.3 External links

http://www.ibm.com/support/pages/node/7162210


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###