Tableau.TBWX.File.Memory.Corruption
Description
This indicates an attack attempt against a Heap Overflow vulnerability in Tableau Server and Tableau Desktop.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted file. An attacker can exploit this by tricking an unsuspecting user into opening a malicious file.
Affected Products
Tableau Desktop and Server: 9.1 through 9.1.21
Tableau Desktop and Server: 9.2 through 9.1.20
Tableau Desktop and Server: 9.3 through 9.3.18
Tableau Desktop and Server: 10.0 through 10.0.14
Tableau Desktop and Server: 10.1 through 10.1.12
Tableau Desktop and Server: 10.2 through 10.2.7
Tableau Desktop and Server: 10.3 through 10.3.5
Tableau Desktop and Server: 10.4 through 10.4.1
Tableau Desktop and Server: 10.5 through 10.5.0
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
https://community.tableau.com/community/security-bulletins/blog/2018/02/23/important-adv-2018-001-heap-overflow-in-tableau-server-and-tableau-desktop
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |