Tableau.Product.Heap.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a Buffer Overflow vulnerability in Tableau products.
The vulnerability is caused by an error when the vulnerable software handles a malformed .twbx file. An attacker exploiting this vulnerability may be able to execute arbitrary code or cause a crash on the vulnerable system.

affected-products-logoAffected Products

Tableau Server on Windows 10.0 through 10.0.21
Tableau Server on Windows 10.1 through 10.1.21
Tableau Server on Windows 10.2 through 10.2.17
Tableau Server on Windows 10.3 through 10.3.17
Tableau Server on Windows 10.4 through 10.4.13
Tableau Server on Windows 10.5 through 10.5.12
Tableau Server on Windows 2018.1 through 2018.1.9
Tableau Server on Windows 2018.2 through 2018.2.6
Tableau Server on Windows 2018.3 through 2018.3.3
Tableau Server on Windows 2019.1 through 2019.1.1
Tableau Server on Linux 10.5 through 10.5.12
Tableau Server on Linux 2018.1 through 2018.1.9
Tableau Server on Linux 2018.2 through 2018.2.6
Tableau Server on Linux 2018.3 through 2018.3.3
Tableau Server on Linux 2019.1 through 2019.1.1
Tableau Desktop on Windows 10.0 through 10.0.21
Tableau Desktop on Windows 10.1 through 10.1.21
Tableau Desktop on Windows 10.2 through 10.2.17
Tableau Desktop on Windows 10.3 through 10.3.17
Tableau Desktop on Windows 10.4 through 10.4.13
Tableau Desktop on Windows 10.5 through 10.5.12
Tableau Desktop on Windows 2018.1 through 2018.1.9
Tableau Desktop on Windows 2018.2 through 2018.2.6
Tableau Desktop on Windows 2018.3 through 2018.3.3
Tableau Desktop on Windows 2019.1 through 2019.1.0
Tableau Desktop on Mac 10.0 through 10.0.21
Tableau Desktop on Mac 10.1 through 10.1.21
Tableau Desktop on Mac 10.2 through 10.2.17
Tableau Desktop on Mac 10.3 through 10.3.17
Tableau Desktop on Mac 10.4 through 10.4.13
Tableau Desktop on Mac 10.5 through 10.5.12
Tableau Desktop on Mac 2018.1 through 2018.1.9
Tableau Desktop on Mac 2018.2 through 2018.2.6
Tableau Desktop on Mac 2018.3 through 2018.3.3
Tableau Desktop on Mac 2019.1 through 2019.1.0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-04-03 14.585 Default_action:pass:drop
2019-03-15 14.575