Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Service Registry and Repository Java 2015 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in January 2015. Vulnerability Details To fix the WebSphere Service Registry and...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution (CVE-2014-3566, CVE-2014-6558)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6.0,16.1 and 7.0.7.1 that is used by WebSphere Cast Iron. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were disclosed as par...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Application Server January 2015 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM Java SDK updates in January 2015. Vulnerability Details The following advisories are included in the IBM® SDK Java™...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere MQ (CVE-2014-4263, CVE-2014-4244, CVE-2014-3068 )

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 5.0 SR16-FP6 and earlier, 6 SR16 and earlier and 7 SR7 and earlier that are used by IBM WebSphere MQ. These issues were disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details CVEID...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Service Registry and Repository October 2014 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Service Registry and Repository. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These issues were disclosed...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Lombardi Edition (CVE-2014-4263, CVE-2014-4244, CVE-2014-3068)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition that is used by WebSphere Lombardi Edition. These issues were disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details CVEID: CVE-2014-4263 DESCRIPTION: An unspecified vulnerability related to t...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Dynamic Process Edition (CVE-2014-4263, CVE-2014-4244, CVE-2014-3068)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition that is used by WebSphere Dynamic Process Edition. These issues were disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details CVEID: CVE-2014-4263 DESCRIPTION: An unspecified vulnerability relat...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Process Server and IBM Business Process Manager (CVE-2014-4263, CVE-2014-4244, CVE-2014-3068)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition that is used by WebSphere Process Server and IBM Business Process Manager. These issues were disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details CVEID: CVE-2014-4263 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Support Assistant Team Server July 2014 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped with IBM Support Assistant Team Server. These issues were disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details The following two advisories are included in the IBM® SDK Jav...

Security Bulletin: Multiple vulnerabilities have been identified in IBM WebSphere Application Server shipped with IBM WebSphere Service Registry and Repository

Summary IBM WebSphere Application Server is shipped as a component of IBM WebSphere Service Registry and Repository. Information about the security vulnerabilities affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the securi...

Security Bulletin: Multiple vulnerabilities in IBM API Management

Summary Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM API Management V2.0 and V3.0. Vulnerability Details CVEID: CVE-2014-0460 DESCRIPTION: An unspecified vulnerability related to the JNDI component has partial confidentiality impact, partial integrity...

Security Bulletin: Multiple vulnerabilities in current IBM SDK for Java for WebSphere Application Server January 2014 CPU

Summary Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server Vulnerability Details The IBM WebSphere Application Server is shipped with an IBM SDK for Java that is based on the Oracle JDK. Oracle has released January 2014 critical...

Security Bulletin: Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU October 2013

Summary Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and is included in the products that are listed in this document. Vulnerability Details WebSphere Lombardi Edition shipped with a version of IBM WebSphere Application...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Tue Jun 12 14:49:00 CDT 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javaapr2018advisory.asc https://aix.software.ibm.com/aix/efixes/security/javaapr2018advisory.asc...

CVE-2018-8119

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK, C SDK, Java SDK...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Mon Apr 30 11:26:59 CDT 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/javajan2018advisory.asc https://aix.software.ibm.com/aix/efixes/security/javajan2018advisory.asc...

AIX Java Advisory : java_oct2016_advisory.asc (October 2016 CPU)

The version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities in the following subcomponents : - An unspecified flaw exists in the Libraries subcomponent that allows an unauthenticated, remote attacker to impact integrity. CVE-2016-5542 - An unspecified flaw...

Java SE Mission Control Insecure Transport / Man-In-The-Middle Vulnerability

Java SE Mission Control suffers from an insecure transport vulnerability that allows for man-in-the-middle attacks. + + Credits / Discovery: John Page AKA hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/JAVA-SE-MISSION-CONTROL-MITM.txt + ISR:...

Multiple vulnerabilities in IBM Java SDK affect AIX

IBM SECURITY ADVISORY First Issued: Wed Dec 21 14:38:46 CST 2016 |Updated: Fri Dec 23 10:05:04 CST 2016 |Updates: Links to the most recent version of the document are updated. |Updated: Thu Feb 2 11:53:01 CST 2017 |Updates: CVE-2016-5582 which does NOT impact AIX has been removed from |the...

AIX Java Advisory : java_july2016_advisory.asc (July 2016 CPU)

The version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities in the following subcomponents : - An unspecified flaw exists in the Networking subcomponent that allows a local attacker to impact integrity. CVE-2016-3485 - An unspecified flaw exists in the...