Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Fabric Manager

Summary There are multiple vulnerabilities in IBMR SDK JavaTM Technology Edition, Version 7 that is used by IBM Fabric Manager. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details Summary There are multiple vulnerabilities in IBM® SDK Java™...

Title Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Identity Governance and Intelligence 5.2

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version1.7 that is used by Identity Governance and Intelligence 5.2. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”...

Security Bulletin: Multiple vulnerabilities in IBM Java SD affect Guardium Data Redaction

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition version 6 that is used by Guardium Data Redaction. These issues were disclosed as part of the IBM Java SDK updates for October 2015. Vulnerability Details CVEID: CVE-2015-4844 DESCRIPTION: An unspecified vulnerability...

Charybdis: Improper assumptions in the server handshake code may lead to a remote crash

Access vector: network Access complexity: low Authentication requirement: none Confidentiality impact: none Integrity impact: none Availability impact: complete CVSSv2 temporal score: 6.4 Exploitability: functional exploit exists Remediation level: official fix Report confidence: confirmed Summar...

Spring Source OXM Remote OS Command Injection when XStream and IBM JRE are used

Reference: http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/oxm.htmld0e26722 Product: Spring Source OXM Object/XML Mapping Vendor: VMware Vulnerable Version: 3.0.4 only when XStream and IBM JRE are used Status: Fixed Vendor Notification: 12 October 2010 Vendor Fix:...

AT-TFTP Server Remote Denial of Service Vulnerability

AT-TFTP Server v1.8 Remote Denial of Service Vulnerability SecPod Technologies www.secpod.com Author: Antu Sanadi SecPod ID: 1013 01/04/2011 Issue Discovered 04/04/2011 Vendor Notified No Response from the Vendor 25/04/2011 Advisory Released Class: Denial of Service Severity: High Overview:...

MITKRB5-SA-2008-002: array overrun in RPC library used by kadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2008-002 MIT krb5 Security Advisory 2008-002 Original release: 2008-03-18 Last update: 2008-03-18 Topic: array overrun in RPC library used by kadmind CVE-2008-0947, CVE-2008-0948 VU374121 Use of high-numbered file descriptors in the RPC...