EUVD-2009-3503

Malware in sbrugna...

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent

Summary Vulnerabilities in IBM SDK Java Technology Edition that is shipped as part of agent framework in ITCAM for Applications WebSphere MQ Monitoring Agent. CVEs: CVE-2023-21830, CVE-2023-33850, CVE-2025-4447. Vulnerability Details CVEID:CVE-2023-21830 DESCRIPTION: An unspecified vulnerability ...

Security Bulletin: ITCAM for Transactions affected by the Security vulnerability CVE-2016-5725 found in jsch-0.1.40.jar

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following jsch-0.1.40.jar vulnerability and updated jsch.jar from version 0.1.40 to 0.1.55 Vulnerability Details CVEID:CVE-2016-5725 DESCRIPTION: JSch could allow a remote attacker to...

Security Bulletin: CVE-2022-40609 affects IBM® SDK, Java™ Technology Edition affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition in version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. An update has been released to address the vulnerability. Vulnerability Details CVEID:CVE-2022-40609...

Security Bulletin: Addressing the Security vulnerability CVE-2022-23437,CVE-2009-2625,CVE-2012-0881,CVE-2013-4002 found in xercesImpl-2.9.1.jar and its previous versions affects ITCAM for Transactions

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following xercesImpl-2.9.1.jar vulnerability and updated xercesImpl.jar from version 2.5.0 to 2.12.2 and its dependency xml-apis.jar to version 2.5.0 Vulnerability Details...

Security Bulletin: ITCAM for Transactions affected by the Security vulnerability CVE-2018-1313 found in derbyclient-10.10.2.0.jar and its perivious versions

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following derbyclient-10.10.2.0.jar vulnerability and updated derbyclient.jar file form version 10.5.3.0 to 10.11.1.1 Vulnerability Details CVEID:CVE-2018-1313 DESCRIPTION: Apache Derb...

Security Bulletin: ITCAM for Transactions affected by the Security vulnerability CVE-2018-1000632 found in dom4j-1.6.1.jar

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following dom4j-1.6.1.jar vulnerability and updated dom4j.jar file from version 1.6.1 to 2.1.4 Vulnerability Details CVEID:CVE-2018-1000632 DESCRIPTION: dom4j could allow a remote...

Security Bulletin: ITCAM for Transactions affected by the Security vulnerability CVE-2021-33813 found in jdom-1.0.jar

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following jdom-1.0.jar vulnerability and updated jdom.jar from version 1.0 to 2.0.6.1 Vulnerability Details CVEID:CVE-2021-33813 DESCRIPTION: JDOM is vulnerable to a denial of service,...

Security Bulletin: ITCAM for Transactions affected by the Security vulnerability IBM X-Force ID: 177835 found in commons-codec-1.9.jar and its previous versions

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following commons-codec.jar vulnerability and updated commons-codec.jar from version 1.4 to 1.16.0. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could...

Security Bulletin: Addressing the Security vulnerability CVE-2020-15250 found in junit-4.10.jar and its previous versions as part of ITCAM for Transactions

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following junit-4.10.jar vulnerability and updated junit.jar from version 4.4 to 4.13.2 Vulnerability Details CVEID:CVE-2020-15250 DESCRIPTION: JUnit4 could allow a local attacker to...

Security Bulletin: ITCAM for Transactions affected by the Security vulnerability CVE-2022-41404 found in ini4j-0.5.1.jar

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following ini4j-0.5.1.jar vulnerability and updated ini4j.jar from version 0.5.1 to 0.5.4 Vulnerability Details CVEID:CVE-2022-41404 DESCRIPTION: ini4j is vulnerable to a denial of...

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring RRT Agent (CVE-2021-45346)

Summary A Memory Leak vulnerabilty exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries made via editing the Database File, it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicous user obtain...

Security Bulletin: Vulnerablity in Apache Log4j affects IBM Tivoli Composite Application Manager for Application Diagnostics (CVE-2021-44228)

Summary The following security vulnerability has been identified in the WebSphere Application Server. Apache Log4j 2.x is not used by IBM Tivoli Composite Application Manager for Application Diagnostics, but log4j-1.2.4.jar is present in one of the ear files installed on WebSphere Application...

Security Bulletin: Addressing the Sqlite Vulnerability CVE-2021-20227

Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following SQLite vulnerability: Vulnerability Details CVEID: CVE-2021-20227 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a use-after-free flaw in the SELECT quer...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2021 - Includes Oracle Jan 2021 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. These issues were disclosed as part of the IBM Java SDK updates in Jan 2021. Vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA (March 2021)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6/7 used by ITCAM for SOA. ITCAM for SOA has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14779 DESCRIPTION: An unspecified vulnerability in Java SE related to the Serialization component...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA (July 2020)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6/7 used by ITCAM for SOA. ITCAM for SOA has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-14577 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could all...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect ITCAM for SOA

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6/7 used by ITCAM for SOA. ITCAM for SOA has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-2654 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Libraries compone...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 - CVE-2020-2601 affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. CVE-2020-2601 was disclosed as part of the IBM Java SDK updates in January 2020. Vulnerability...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jan 2020 -CVE-2020-2590 affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7 ,version 8, that is used by IBM Tivoli Composite Application Manager for Transactions - Robotic Response Time. CVE-2020-2590 was disclosed as part of the IBM Java SDK updates in January 2020. Vulnerability...