Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime Technology Edition affect Rational Functional Tester (CVE-2014-3065, CVE-2014-3566, CVE-2014-6511)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 and IBM Runtime Environment Java Technology Edition, Version 7 that is used by IBM Rational Functional Tester. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK, and IBM Java Runtime Technology Edition affect Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 & 7 and IBM® Runtime Environment Java™ Technology Edition, Version 6 & 7 that is used by IBM Rational Functional Tester . Vulnerability Details CVEID: CVE-2014-3566 DESCRIPTION: Multiple products could allo...

Security Bulletin: Vulnerability in IBM Java SDK affects Rational Functional Tester (CVE-2015-7575)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition that is used by Rational Functional Tester. This vulnerability, commonly referred to as “SLOTH”, was disclosed as part of the IBM Java SDK updates in January 2016. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 & 7 that is used by IBM Rational Functional Tester . These issues were disclosed as part of the IBM Java SDK updates in April 2015 This bulletin also addresses FREAK: "Factoring Attack on RSA-EXPORT keys"...

Security Bulletin: Vulnerability in IBM Java SDK affects Rational Functional Tester (CVE-2016-5542)

Summary If a JAR file is signed with old, weak hash algorithms, the class files within it can be modified without the change being caught. This potentially enables attackers to inject malicious code into signed code from a trusted third party. Vulnerability Details CVEID: CVE-2016-5542 DESCRIPTIO...

Security Bulletin: Multiple vulnerabilities in IBM Java runtime affect ClearQuest Web and ClearQuest EmailRelay (CVE-2014-3566, CVE-2014-6457)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition that is used by ClearQuest Web and ClearQuest EmailRelay. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were disclosed ...

Security Bulletin: Multiple vulnerabilities in IBM Java runtime affect ClearQuest Web and ClearQuest EmailRelay (CVE-2014-4263, CVE-2014-4244)

Summary Flaws in the IBM Java runtime Secure Sockets implementation may expose ClearQuest Web and EmailRelay communications to an attacker. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information...

Security Bulletin: Vulnerability in IBM Java Runtime affects IBM Rational ClearQuest (CVE-2016-3426)

Summary There is a vulnerability in IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7, and 8, which are used by IBM Rational ClearQuest. This issue was disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3426 DESCRIPTION: An unspecifie...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Rational ClearQuest (CVE-2015-7575, CVE-2015-4872, CVE-2015-4893, CVE-2015-4803)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7 and 8 that are used by IBM Rational ClearQuest. These issues were disclosed as part of the IBM Java SDK updates in October 2015 and January 2016 and include the vulnerability commonly...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Agile Lifecycle Manager

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 Service Refresh 5 Fix Pack 15 and earlier releases used by IBM Agile Lifecycle Manager. Agile Lifecycle Manager has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the I...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus (Multiple CVEs)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7 and 8 that are used by Tivoli Netcool/OMNIbus. These were disclosed as part of the IBM Java SDK updates in April 2018 and July 2018. Vulnerability Details CVEID: CVE-2018-2783 DESCRIPTIO...

Security Bulletin: Multiple Vulnerabilities in IBM® Java SDK affects Liberty for Java for IBM Cloud July 2018 CPU

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in July 2018. These may affect some configurations of IBM WebSphere Application Server...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Service Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 & 8 and IBM® Runtime Environment Java™ Version 7 & 8 used by Rational Service Tester. Rational Service Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-1656 DESCRIPTION: The I...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 & 8 and IBM® Runtime Environment Java™ Version 7 & 8 used by Rational Performance Tester. Rational Performance Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-1656 DESCRIPTIO...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Spectrum LSF Analytics

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 and IBM® Runtime Environment Java™ Version 7 used by IBM Spectrum LSF Analytics. IBM Spectrum LSF Analytics has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the I...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ that is used by IBM Spectrum Protect formerly Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and Data Protection for Hyper-V. These issues were disclosed as part of the IBM Java SDK updates i...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 7, 7.1, 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK updates in July 2018. Vulnerability Details CVEID: CVE-2018-1517 DESCRIPTION: A flaw in the java.math component in IBM SD...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Wed Sep 19 08:42:00 CDT 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javajuly2018advisory.asc https://aix.software.ibm.com/aix/efixes/security/javajuly2018advisory.asc...

RHEL 6 : java-1.7.1-ibm (RHSA-2018:2712)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2712 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

RHEL 6 : java-1.8.0-ibm (RHSA-2018:2713)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2713 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...