SB2025050208 - Multiple vulnerabilities in IBM Watson Speech Services Cartridge

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025050208

SB2025050208 - Multiple vulnerabilities in IBM Watson Speech Services Cartridge

Published: May 2, 2025 Updated: July 18, 2025

Security Bulletin ID SB2025050208
Severity
High
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 50% Medium 17% Low 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Use-after-free (CVE-ID: CVE-2024-56171)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the xmlSchemaIDCFillNodeTables() and xmlSchemaBubbleIDCNodeTables() functions in xmlschemas.c. A remote attacker can pass specially crafted XML document to the application, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


2) Stack-based buffer overflow (CVE-ID: CVE-2024-8176)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when handling XML content. A remote attacker can pass specially crafted XML content to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) Input validation error (CVE-ID: CVE-2025-22870)

The vulnerability allows a remote attacker to alter application's behavior.

The vulnerability exists due to insufficient validation of an IPv6 zone ID as a hostname component, when matching hosts against proxy patterns. For instance the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied. A remote attacker can alter application behavior and potentially  gain access to sensitive information or functionality.


4) Stack-based buffer overflow (CVE-ID: CVE-2025-24928)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the xmlSnprintfElements() function in valid.c. A remote attacker can pass specially crafted XML data to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


5) Memory corruption (CVE-ID: CVE-2017-9047)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the xmlSnprintfElementContent function of XMLSoft libxml2 due to improper memory handling by the valid.c source code. A remote attacker can send a specially crafted XML file, trigger memory corruption and cause the service to crash.

Successful exploitation of the vulnerability results in denial of service.


6) Input validation error (CVE-ID: CVE-2025-27516)

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to sandbox breakout through attr filter selecting format method. A local user can execute arbitrary code on the system.


Remediation

Install update from vendor's website.

References