Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affects IBM Systems Director Storage Control

Summary There are multiple vulnerabilities in IBM®Runtime Environment Java™Technology Edition, Version 6 that is used by IBM Systems Director Storage Control. These issues was disclosed as part of the IBM Java updates for January 2016, July 2016 and October 2016. Vulnerability Details CVEID:...

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM XIV Gen3 systems and IBM XIV Management Tools (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects IBM XIV Gen3 systems and IBM XIV Management Tools. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing ...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms (CVE-2016-0466, CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 that is used by IBM Tivoli System Automation for Multiplatforms. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Operations Analytics - Predictive Insights (CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 Service Refresh 9 Fix Pack 20 that is used by IBM Operations Analytics - Predictive Insights. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Service Tester (CVE-2015-7575, CVE-2016-0475)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 & 8 that is used by Rational Service Tester. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”. Vulnerability...

Security Bulletin: Vulnerability in IBM Java Runtime affects Rational Publishing Engine (CVE-2015-7575)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that are used by Rational Publishing Engine. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability Details CVEID:...

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects Rational Performance Tester (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects Rational Performance Tester. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange...

Security Bulletin: Vulnerabilities in OpenSSL affect Rational BuildForge (CVE-2015-1792)

Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by Rational BuildForge. Rational Buildforge has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-1792 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an...

Security Bulletin: Vulnerability in IBM Java Runtime affect Rational Policy Tester (CVE-2016-0466, CVE-2015-7575)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 8.0 that is used by Rational Policy Tester. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Guardium Data Redaction (CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version1.6 that is used by IBM InfoSphere Guardium Data Redaction. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM QRadar SIEM and Incident Forensics. (CVE-2015-7575)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 6 and 7 that is used by IBM QRadar SIEM and Incident Forensics. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability Details CVEID:...

Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM Security Guardium (CVE-2015-7575)

Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects IBM Security Guardium Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM B2B Advanced Communications.

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 7.0 SR7 that is used by IBM Multi-Enterprise Integration Gateway. These issues were disclosed as part of the IBM Java SDK updates for October 2015 and January 2016. Vulnerability Details CVEID...

Security Bulletin: Vulnerability in IBM Java Runtime shipped with WebSphere Partner Gateway Advanced/Enterprise editions (CVE-2015-7575)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by WebSphere Partner Gateway Advanced/Enterprise editions. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Initiate Master Data Service (CVE-2015-4872, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 that is used by IBM Initiate Master Data Service. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”. Vulnerabilit...

Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ Technology Edition affect Data Studio, InfoSphere Data Architect, Optim Query Workload Tuner for Linux, UNIX and Windows, and Optim Query Workload Tuner for z/OS (CVE-2016-0466, CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM Data Studio, InfoSphere Data Architect, Optim Query Workload Tuner for Linux, UNIX and Windows, and Optim Query Workload Tuner for z/OS. These issues were disclosed as part of the IBM Java SDK...

Security Bulletin:Multiple vulnerabilities in IBM® SDK Java™ Technology Edition affect IBM DB2 Recovery Expert for Linux, UNIX and Windows (CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0475, CVE-2016-0483, CVE-2016-0494, CVE-2015-7575)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM DB2 Recovery Expert for Linux, UNIX and Windows . Information about these vulnerabilities affecting IBM Java SDK has been published in a security bulletin. Vulnerability Details CVEID: CVE-2016-040...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Information Server (CVE-2016-0475 CVE-2016-0466 CVE-2015-7575 CVE-2016-0448)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6 and 7 that are used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM® DB2® LUW (CVE-2015-7575)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 6.0 and 7.0 that is used by DB2 LUW. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The T...

Security Bulletin: Multiple Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Jan 2016 - Includes Oracle Jan 2016 CPU + 3 IBM CVEs affects IBM Algo One - Core, Algo Risk Application, and Counterparty Credit Risk

Summary Java SE issues disclosed in the Oracle January 2016 Critical Path Update. Affects Algo One - Core, Algo Risk Application, and Counterparty Credit Risk. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision...