Erwin Data Modeler - The vulnerabilities using zlib 1.2.8 and 1.2.11, CVE-2016-9843;CVE-2016-9842 and CVE-2022-37434 (4369860)

Chat now with support

Return

Feedback Submitted

Did this article solve an issue for you?

Select Rating

Title

Erwin Data Modeler - The vulnerabilities using zlib 1.2.8 and 1.2.11, CVE-2016-9843;CVE-2016-9842 and CVE-2022-37434
Description

Erwin Data Modeler - The vulnerabilities using zlib 1.2.8 and 1.2.11,
CVE-2016-9843
CVE-2016-9842
CVE-2016-9841
CVE-2022-37434

Versions affected by above Vulnerabilities

r12.1 GA 29174 (64-bit)
r12.0 GA 28917 (64-bit)
r2021R1_23459(64 bit)
r2020R2.14677(64 bit)
Cause

Erwin Data Modeler installs Open source Software (OSS) using Zlib 1.2.8
https://nvd.nist.gov/vuln/search/results?form_type=Basic&results_type=overview&query=zlib&queryType=phrase&search_type=all&isCpeNameSearch=false
Resolution

Please apply patch HERE

Steps to replace new DLL file :

1.   Install any one of the above-mentioned DM build
2.   Open installation folder “C:\Program Files\erwin\Data Modeler r9”
3.   Replace “zlib128.dll” file with the latest version library attached here
4.   Launch Erwin instance (Erwin instance should be closed before replacing the dll if it is opened)

Feedback Submitted

Did this article solve an issue for you?

Select Rating

Title