Security Bulletin: Vulnerability in Rational Application Developer for WebSphere Software due to issues in IBM Java SDK (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Summary The version of IBM WebSphere Application Server that is shipped with Rational Application Developer for WebSphere Software is shipped with an IBM Java SDK that is based on the Oracle SDK. Oracle has released February 2013 critical patch updates CPU which contain security vulnerability fix...

Security Bulletin: ClassLoader manipulation with Apache Struts in WebSphere Application Server affecting Rational Application Developer (CVE-2014-0114)

Summary There is a ClassLoader manipulation vulnerability in Apache Struts that is used by the WebSphere Application Server bundled with Rational Application Developer Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this...

Security Bulletin: ClassLoader manipulation with Apache Struts affecting Rational Application Developer (CVE-2014-0114)

Summary There is a ClassLoader manipulation vulnerability in Apache Struts that is bundled by IBM Rational Application Developer for WebSphere Software. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Rational Application Developer for WebSphere Software (CVE-2016-3508, CVE-2016-3500, CVE-2016-3458, CVE-2016-3485)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM Rational Application Developer for WebSphere Software. Vulnerability Details CVEID: CVE-2016-3508 DESCRIPTION: An unspecified vulnerability in Oracle Java SE Java SE Embedded and...

Security Bulletin: A vulnerability in IBM Java SDK affects Rational Application Developer for WebSphere (CVE-2014-4263)

Summary There is a vulnerability in IBM SDK Java Technology Edition, Versions 5, 6, and 7 that is used by Rational Application Developer for WebSphere. This issue was disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details | Subscribe to My Notifications to be notified o...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational Application Developer for WebSphere Software (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794)

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Rational Application Developer for WebSphere Software. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Application Developer for WebSphere (CVE-2014-3566, CVE-2014-3065, CVE-2014-6457)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 6, and 7 that are used by Rational Application Developer. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability CVE-2014-3566. These were disclosed as part ...

Security Bulletin: Rational Application Developer is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information requires login with...

Security Bulletin: Vulnerabilities in OpenSSL including Logjam affect Rational Application Developer for WebSphere Software (CVE-2015-4000, CVE-2015-1793)

Summary OpenSSL vulnerabilities were disclosed by the OpenSSL Project and affect Rational Application Developer for WebSphere Software. This includes the Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol CVE-2015-4000. This also includes the alternate chains...

Security Bulletin: A Security Vulnerability exists in the Dojo runtime that affects Rational Application Developer

Summary The dojox/form/resources/fileuploader.swf, dojox/form/resources/uploader.swf, dojox/av/resources/audio.swf, and dojox/av/resources/video.swf files exhibit an cross-site scripting XSS vulnerability. Any web application using the IBM Dojo Toolkit and providing those files might be subject t...

Security Bulletin: Multiple vulnerabilities affecting the Cordova platform packaged with Rational Application Developer (CVE-2014-3500, CVE-2014-3501 and CVE-2014-3502)

Summary Multiple vulnerabilities have been discovered that affect the Cordova platform packaged with Rational Application Developer. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for more information requires...

Security Bulletin: Security Vulnerability in Apache Batik (CVE-2015-0250)

Summary Apache Batik could allow a remote attacker to obtain sensitive information. By persuading a victim to open a specially-crafted SVG file, an attacker could exploit this vulnerability to reveal files and obtain sensitive information. Vulnerability Details CVEID: CVE-2015-0250 DESCRIPTION:...

Security Bulletin: A Security Vulnerability, exists in the Android platform used by the Cordova tools in Rational Application Developer for WebSphere Software (CVE-2015-5256)

Summary A security vulnerability, CVE-2015-5256, has been discovered that affects the Android platform used by the Cordova tools in Rational Application Developer for WebSphere Software. Vulnerability Details CVE-ID: CVE-2015-5256 DESCRIPTION: Apache Cordova Android could allow a remote attacker ...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Application Developer for WebSphere (CVE-2015-0138, CVE-2014-6593, CVE-2015-0410, CVE-2015-0400)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6 and 7 that are used by Rational Application Developer. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring Attack on RSA-EXPO...

Security Bulletin: Vulnerabilities in OpenSSL affects Rational Application Developer for WebSphere Software

Summary OpenSSL vulnerabilities were disclosed on March 19, 2015 by the OpenSSL Project. OpenSSL is used by the Cordova platform packaged with Rational Application Developer for WebSphere Software and has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-0207 DESCRIPTION: OpenS...

Security Bulletin: Vulnerabilities in OpenSSL affects Rational Application Developer for WebSphere Software (CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206)

Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. OpenSSL is used by the Cordova platform packaged with Rational Application Developer for WebSphere Software and has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2014-3570 Description: An...

Security Bulletin: Vulnerabilities in OpenSSL affect Rational Application Developer for WebSphere Software (CVE-2016-0701, CVE-2015-3197)

Summary OpenSSL vulnerabilities were disclosed on January 28, 2016 by the OpenSSL Project. OpenSSL is used by IBM Rational Application Developer for WebSphere Software. IBM Rational Application Developer for WebSphere Software has addressed the applicable CVEs. Vulnerability Details CVEID:...

Security Bulletin: Denial of Service with WebSphere Application Server affecting Rational Application Developer (CVE-2014-0964)

Summary There is a potential denial of service with IBM WebSphere Application Server 6.0.2 and 6.1 that affects versions of WebSphere Application Server used with IBM Rational Application Developer. Vulnerability Details | Subscribe to My Notifications to be notified of important product support...

Security Bulletin: A vulnerability in IBM Java SDK affects Rational Application Developer for WebSphere (CVE-2014-0453)

Summary There is a vulnerability in IBM SDK Java Technology Edition, Versions 5, 6, and 7 that is used by Rational Application Developer for WebSphere. This issue was disclosed as part of the IBM Java SDK updates in April 2014. Vulnerability Details | Subscribe to My Notifications to be notified ...

Security Bulletin: Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software

Summary Multiple Node.js vulnerabilities has been discovered that affects the Cordova platform packaged with Rational Application Developer Vulnerability Details CVEID: CVE-2017-1000381 DESCRIPTION: c-ares could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds...