Security Bulletin: Multiple Vulnerabilities affects IBM Data Studio Client 4.2.2

Summary Security Fix of multiple Vulnerabilities of IBM Data Studio Client 4.2.2. The vulnerabilities have been addressed in 4.2.2 version. Hence, IBM strongly recommends upgrading to 4.2.2. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions...

EUVD-2013-3955

Malware in sbrugna...

EUVD-2013-3956

Malware in sbrugna...

EUVD-2013-2919

Malware in sbrugna...

EUVD-2013-2920

Malware in sbrugna...

Security Bulletin: IBM Data Studio Web Console is vulnerable to cross-site request forgery, caused by improper validation of browser request headers.

Abstract A service in the IBM Data Studio Web Console versions 3.1.0 and 3.1.1 is impacted by cross-site request forgery. By persuading an authenticated user to visit a malicious web site, a remote attacker could exploit this vulnerability to obtain sensitive information. Content VULNERABILITY...

Security Bulletin: The IBM Data Studio Help System may display debug information if an input parameter is out of range.

Abstract IBM Data Studio version 3.1.1 and 3.2 include Eclipse 3.6 components that provide functionality to display the help. These components have a potential vulnerability where debug information may be displayed if an input parameter is out of range. Content VULNERABILITY DETAILS: CVE ID:...

Security Bulletin: Multiple vulnerabilities in IBM Data Studio Web Console due to vulnerabilities in IBM Java Runtime Environment.

Abstract IBM Data Studio Web Console uses the IBM Java Runtime Environment JRE and might be affected by vulnerabilities in the IBM JRE. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: An unspecified vulnerability within the JSSE component could allow a remote attacker to cause a...

Security Bulletin: Vulnerability in SSLv3 affects IBM Data Studio Web Console (CVE-2014-3566)

Abstract SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM Data Studio Web Console. Content Vulnerability Details CVE-ID : CVE-2014-3566 DESCRIPTION : IBM Data Studio Web Console could allow a remo...

Security Bulletin: Multiple vulnerabilities exist in IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert for Linux, UNIX and Windows (CVE-2013-4025, CVE-2013-4024, CVE-2013-4022)

Abstract Multiple vulnerabilities exist in IBM Data Studio Web Console, Optim Performance Manager, IBM InfoSphere Optim Configuration Manager, and DB2 Recovery Expert for Linux, UNIX and Windows which could allow an attacker to view sensitive information or perform actions as a compromised user...

Security Bulletin: Open redirect and cross-site scripting vulnerabilities in the IBM Data Studio help system (CVE-2012-2159, CVE-2012-2161, CVE-2013-0467)

Abstract The Eclipse components that display the help content in IBM Data Studio version 3.1 and 3.1.1 are vulnerable to redirect and cross-site scripting attacks. Content...

Security Bulletin: Vulnerability in Apache Log4j affects IBM Data Studio Client (CVE-2021-4104)

Summary Apache Log4j open source library is used by IBM Data Studio Client. This bulletin describes the upgrades necessary to address the vulnerability. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caus...

Security Bulletin: CVE-2021-2161 may affect IBM® SDK, Java™ Technology Edition used by IBM Data Studio Client

Summary CVE-2021-2161 was disclosed in the Oracle April 2021 Patch Update. Vulnerability Details CVEID: CVE-2021-2161 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high integrity...

Security Bulletin: Security vulnerabilities have been identified in IBM Java, SDK Technology Edition shipped with IBM Data Studio

Summary IBM® SDK, Java™ Technology Edition is shipped with IBM Data Studio. Information about security vulnerabilities affecting IBM data Studio have been published in a security bulletin. Vulnerability Details Refer to the security bulletin listed in the Remediation/Fixes section. Affected...

Security Bulletin: A security vulnerability has been identified in IBM Java SDK shipped with IBM Data Studio, InfoSphere Data Architect, Optim Query Workload Tuner for Linux, UNIX and Windows, and Optim Query Workload Tuner for z/OS (CVE-2015-4872)

Summary IBM Java SDK is shipped as a component of IBM Data Studio, InfoSphere Data Architect, InfoSphere Optim Query Workload Tuner for Linux, UNIX and Windows, and InfoSphere Optim Query Workload Tuner for z/OS. Information about a security vulnerability affecting IBM Java SDK has been published...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect various Optim data server tools desktop products (CVE-2015-0488, CVE-2015-0478 and CVE-2015-1916)

Summary There are multiple vulnerabilities in IBM SDK Java™ Technology Edition, Versions 7 Service Refresh 7 Fix Pack 1, 7R1 Service Refresh 1 Fix Pack 1, 6 Service Refresh 16 Fix Pack 1, and earlier releases that are used by various Optim data server tools desktop products. These issues were...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Data Studio Web Console. (CVE-2014-6593, CVE-2015-0410)

Summary There are multiple vulnerabilities in IBMｮ Runtime Environments JavaTechnology Edition, Version 5, 6 and 7 that is used by IBM Data Studio Web Console DSWC. These issues were disclosed as part of the IBM Java SDK updates in January 2015. Vulnerability Details CVE-ID: CVE-2014-6593...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect various Optim data server tools desktop products (CVE-2014-6558, CVE-2014-3068)

Summary There are multiple vulnerabilities in IBM SDK Java™ Technology Edition, Versions 7 Service Refresh 7 Fix Pack 1, 7R1 Service Refresh 1 Fix Pack 1, 6 Service Refresh 16 Fix Pack 1, and earlier releases that are used by various Optim data server tools desktop products. These issues were...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Data Studio Web Console. (CVE-2014-6457, CVE-2014-3065)

Summary There are multiple vulnerabilities in IBM® Runtime Environments Java™ Technology Edition, Versions 5, 6 and 7, which are used by IBM Data Studio Web Console DSWC. These issues were disclosed as part of the IBM Java SDK updates in October 2014. Vulnerability Details CVE-ID: CVE-2014-3065...

Security Bulletin: Vulnerability in SSLv3 affects IBM Data Studio client (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in the IBM Data Studio client. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive...