Security Bulletin: IBM Integrated Information Core and WebSphere Application Server - Oracle CPU July 2015

Abstract Oracle released the July 2015 critical patch updates which contain multiple fixes for security vulnerabilities in the IBM Java Development Kit that is included with the IBM WebSphere Application Server. Content New IBM WebSphere Application Server updates are available that include an...

Security Bulletin: IBM Integrated Information Core and WebSphere Application Server - Oracle CPU October 2014

Abstract Oracle released the October 2014 critical patch updates which contain multiple fixes for security vulnerabilities in the IBM Java Development Kit that is included with the IBM WebSphere Application Server. Content New IBM WebSphere Application Server updates are available that include an...

Security Bulletin: IBM Tivoli Directory Integrator can be affected by vulnerabilities in the IBM Java Runtime Environment (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract CVE-2013-0440 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect availability via vectors related to JSSE. CVE- 2013-0443 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect confidentiality and integrity...

Security Bulletin: Vulnerability in IBM InfoSphere Information Server due to issues in IBM Java SDK (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169, CVE-2012-1717, CVE-2012-1718, CVE-2012-5081)

Abstract Multiple IBM Java SDK security vulnerabilities exist in the IBM InfoSphere Information Server. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: Unspecified vulnerability in the Java Runtime Environment JRE allows remote attackers to affect availability via vectors relate...

Security Bulletin: IBM Content Collector affected by vulnerabilities in IBM Java SDK

Abstract The IBM Content Collector is shipped with an IBM Java SDK and an embedded IBM WebSphere Application Server that also includes an IBM Java SDK. These IBM Java SDKs are based on the Oracle SDK. In February 2013, Oracle has released critical patch updates CPU that contain security...

Security Bulletin: SONAS Update Includes Fixes for Multiple Vendor Security Vulnerabilities

Abstract SONAS includes multiple software components for which the vendors have provided fixes for security vulnerabilities in such components. Content VULNERABILITY DETAILS: CVE ID: Vendor| Vendor ID| Vendor Title| Included CVEs ---|---|---|--- IBM| TSM 6.3.1.0| Two unauthorized access...

Security Bulletin: Storwize V7000 Unified V1.4.1.0 Includes Fixes for Multiple Vendor Security Vulnerabilities

Abstract Storwize V7000 Unified includes multiple software components for which the vendors have provided fixes for security vulnerabilities in such components. Content VULNERABILITY DETAILS: CVE ID: Vendor| Vendor ID| Vendor Title| Included CVEs ---|---|---|--- IBM| TSM 6.3.1.0| Two unauthorized...

Security Bulletin: Vulnerability IBM Java XML Parser used in IBM License Metric Tool and IBM Tivoli Asset Discovery for Distributed (CVE-2013-4002)

Abstract IBM License Metric Tool and IBM Tivoli Asset Discovery for Distributed ships with IBM Java JRE. This JRE contains a variant of Apache-J XML parser XM4J that is vulnerable to a denial of service attack triggered by malformed XML data. Content CVE ID: CVE-2013-4002 IBM CVSS SCORE: 7.1CVSS...

Security Bulletin: IBM QuickFile is affected by vulnerabilities that exist in the IBM Java SDK (CVE-2013-4002)

Abstract IBM QuickFile uses IBM Java SDK. QuickFile is affected by a vulnerability that exists in the IBM Java SDK version shipped with QuickFile. Content IBM QuickFile is shipped with an IBM Java SDK which is based on the Oracle SDK. Oracle has released a critical patch update CPU which contains...

Security Bulletin: Potential security exposure when using IBM® InfoSphere® Streams due to vulnerabilities in IBM Java™ SE Version 6 SDK.

Abstract IBM InfoSphere Streams makes use of IBM Java SE Version 6 SR12 SDK. Potential security exposures exist in IBM InfoSphere Streams due to vulnerabilities in IBM Java SE Version 6 SDK. Content VULNERABILITY DETAILS: CVE-2013-0440, CVE-2013-0443 DESCRIPTION: Vulnerabilities in the IBM Java S...

Security Bulletin: Multiple vulnerabilities in InfoSphere Optim Performance Manager due to vulnerabilities in IBM Java Runtime Environment (CVE-2013-0440, CVE-2013-0443)

Abstract IBM InfoSphere Optim Performance Manager uses the IBM Java Runtime Environment JRE and might be affected by vulnerabilities in the IBM JRE. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: An unspecified vulnerability in Oracle Java within the JSSE component could allow ...

Security Bulletin: IBM QuickFile is affected by vulnerabilities that exist in the IBM Java SDK.

Abstract IBM QuickFile uses IBM Java SDK. Multiple security vulnerabilities exist in the IBM Java SDK version this is shipped with the IBM QuickFile. Content The IBM QuickFile is shipped with an IBM Java SDK which is based on the Oracle SDK. Oracle has released a critical patch update CPU which...

Security Bulletin: IBM Tivoli Federated Identity Manager and Tivoli Federated Identity Manager Business Gateway can be affected by three vulnerabilities in the Websphere IBM Java Runtime Environment (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)

Abstract CVE-2013-0440 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect availability via vectors related to JSSE. CVE- 2013-0443 - Unspecified vulnerability in IBM Java Runtime Environment allows remote attackers to affect confidentiality and integrity...

Security Bulletin: IBM Smart Analytics System 5600 clients affected by vulnerabilities in IBM JRE (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)

Abstract These vulnerabilities are only applicable to Java deployments where untrusted code may be executed e.g. Java applets running in a web browser. Content VULNERABILITY DETAILS CVE IDs: CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823 DESCRIPTION: The IBM Smart Analytics System 560...

Security Bulletin: Potential security exposure when using IBM InfoSphere Streams due to vulnerabilities in IBM Java SE Version 6 SDK.

Abstract IBM InfoSphere Streams makes use of IBM Java SE Version Version 6 SDK. Potential security exposures exist in IBM InfoSphere Streams due to vulnerabilities in IBM Java SE Version 6 SDK. Content VULNERABILITYDETAILS: CVE-2012-1718, CVE-2012-3143, CVE-2012-3159, CVE-2012-5081 DESCRIPTION:...

Security Bulletin: Multiple IBM Java SDK security vulnerabilities exist in IBM InfoSphere Information Server (CVE-2013-4002 and CVE-2013-2407)

Abstract Security Bulletin: Multiple IBM Java SDK security vulnerabilities exist in IBM InfoSphere Information Server CVE-2013-4002 and CVE-2013-2407 Content SUMMARY: IBM Information Server is impacted by security vulnerabilities in the IBM Java Runtime Environment JRE that affect availability an...

Security Bulletin: Vulnerabilities in IBM Java SDK (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)

Abstract These vulnerabilities are only applicable to Java deployments where untrusted code may be executed under a security manager e.g. Java applets running in a web browser. Content VULNERABILITY DETAILS: CVE IDs: CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823 DESCRIPTION: There ar...

Security Bulletin: Multiple vulnerabilities exist in the SOAP Gateway component of IMS Enterprise Suite (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169, CVE-2013-3003)

Abstract The SOAP Gateway component of IMS™ Enterprise Suite versions 1.1, 2.1, and 2.2 is affected by multiple vulnerabilities in IBM® Java™ and could allow remote, arbitrary command execution. Content VULNERABILITY DETAILS: CVE ID: CVE-2013-0440 DESCRIPTION: An unspecified vulnerability could...

Security Bulletin: InfoSphere Streams is affected by multiple vulnerabilities in the IBM Java JDK (CVE-2013-1500, CVE-2013-2412, CVE-2013-1571)

Abstract The IBM JDK shipped with InfoSphere Streams has security vulnerabilities which can potentially impact InfoSphere Streams. Content VULNERABILITY DETAILS: CVEID: CVE-2013-1500 An unspecified vulnerability in the Java Runtime Environment JRE component allows local users to affect...

Security Bulletin: WebSphere Partner Gateway Express is affected by vulnerabilities that exist in the IBM Java SDK (CVE-2013-1571)

Abstract WebSphere Partner Gateway Express uses IBM Java SDK and is affected by one of the vulnerabilities that exists in the IBM Java SDK version. Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains security vulnerability. Th...