Security Bulletin: Vulnerabilities in Content Classification Version 8.8 due to security vulnerabilities in IBM JRE 6

Abstract

Multiple security vulnerabilities in IBM Java Runtime Environment (JRE) can affect the security of IBM Content Classification.

Content

VULNERABILITY DETAILS

CVE IDs: CVE-2012-5083, CVE-2012-1531

DESCRIPTION
Vulnerabilities in IBM JRE Service Release 12 can impact the security of IBM Content Classification Version 8.8. Fixes are available in IBM Content Classification Version 8.8 Interim Fix 1.

CVE ID:CVE-2012-5083

CVSS Base Score 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/79412
CVSS Environmental Score undefined
CVSS Vector (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID:CVE-2012-1531

CVSS Base Score 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/79413
CVSS Environmental Score undefined
CVSS Vector (AV:N/AC:L/Au:N/C:C/I:C/A:C)

AFFECTED PRODUCT AND VERSION**:**
IBM Content Classification Version 8.8

**
REMEDIATION:**
Fixes are available in IBM Content Classification Version 8.8 Interim Fix 1. For instructions on downloading and installing Interim Fix 1, see the IBM Content Classification Version 8.8 Interim Fix 1 download document.

**
MITIGATION:**
None. Install the interim fix.

_
Note: _According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an “industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.” IBM PROVIDES THE CVSS SCORES “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Related Information

IBM Content Classification Version 8.8 Interim Fix 1

[{“Product”:{“code”:“SSBRAM”,“label”:“IBM Content Classification”},“Business Unit”:{“code”:“BU059”,“label”:“IBM Software w/o TPS”},“Component”:“Not Applicable”,“Platform”:[{“code”:“PF002”,“label”:“AIX”},{“code”:“PF016”,“label”:“Linux”},{“code”:“PF027”,“label”:“Solaris”},{“code”:“PF033”,“label”:“Windows”}],“Version”:“8.8”,“Edition”:“”,“Line of Business”:{“code”:“LOB45”,“label”:“Automation”}}]