This Interim Fix will upgrade your IBM Cognos TM1 9.5.1 release.
The TM1 Admin Server does not check the size of the data being sent to it which could permit a remote malicious attacker to perform a "Buffer Overflow" attack against the server running this software. The exposures range from crashing the TM1 Admin Server process through to potentially inserting code of their design to run within the TM1 Admin Server Process.
While IBM has not received any reports of customer issues related to these security vulnerabilities as of March 30, 2012, we strongly encourage all customers to download and apply this Interim Fix to prevent the vulnerability.
To install the Admin Server patch:
1. Stop the TM1 Server/Admin Server
2. Make a backup of the bin directory
3. Unzip the Admin Server patch
4. Copy the files into the bin directory
5. Restart the TM1 Server/Admin Server
|Download||RELEASE DATE||LANGUAGE||SIZE(Bytes)||Download Options
What is Fix Central (FC)?
|TM1 9.5.1 IF3 WIN 32-bit||30 Mar 2012||Language Independent||155000000||FC|
|TM1 9.5.1 IF3 WIN 64-bit||30 Mar 2012||Language Independent||164000000||FC|
|TM1 9.5.1 IF3 AIX||30 Mar 2012||Language Independent||264000000||FC|
|TM1 9.5.1 IF3 Solaris||30 Mar 2012||Language Independent||192000000||FC|