Security Bulletin: A potential vulnerability in IBM Java SDK affect InfoSphere Streams (CVE-2015-4872)

Summary There is a potential vulnerability in IBM® SDK Java™ Technology Edition, Versions 6 SR16 FP4, 7R1 SR3 and 8 SR1 that are used by InfoSphere Streams. This issue was disclosed as part of the IBM Java SDK updates in Oct 2015. Vulnerability Details CVEID: CVE-2015-4872 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Information Server (CVE-2015-4803 CVE-2015-4872 CVE-2015-4893 CVE-2015-5006)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6 and 7 that are used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in October 2015. Vulnerability Details CVEID: CVE-2015-4803 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM SPSS Modeler (CVE-2015-2625, CVE-2015-1931, CVE-2015-2613, CVE-2015-2601)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version Version 6 Service Refresh 16 Fix Pack 5, IBM SDK, Java Technology Edition, Version 7 Service Refresh 9 Fix Pack 1, IBM SDK, Java Technology Edition, Version 7R1 Service Refresh 3 Fix Pack 1 that are used by I...

Security Bulletin: DH key exchange protocol vulnerability (“Logjam”) in IBM Java SDK affects IBM SPSS Statistics (CVE-2015-4000)

Summary TLS connections using Diffie-Hellman DH key exchange protocol, “Logjam” attack, affects IBM Java SDK 1.6, 1.7 that is used by IBM SPSS Statistics. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM SPSS Modeler (CVE-2015-0138, CVE-2015-0383, CVE-2015-0410, CVE-2014-6593)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6.0.15, 7.1.2, 7.0.8 that is used by IBM SPSS Modeler. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring Attack on RSA-EXPORT...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM SPSS Modeler (CVE-2015-4000, CVE-2015-0478, CVE-2015-0488)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 6 Service Refresh 16 Fix Pack 3, IBM SDK Java Technology Edition, Version 7 Service Refresh 8 Fix Pack 10, and IBM SDK Java Technology Edition, Version 7R1 Service Refresh 2 Fix Pack 10 that are used by IBM SPS...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM SPSS Collaboration and Deployment Services (CVE-2015-0478, CVE-2015-0488, CVE-2015-2808, CVE-2015-4000)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 1.6 and 1.7 that are used by IBM SPSS Collaboration and Deployment Services. These issues were disclosed as part of the IBM Java SDK updates in April 2015 and IBM Java SDK update addressing TLS protocol...

Security Bulletin: DH key exchange protocol vulnerability (“Logjam”) in IBM Java SDK affects IBM SPSS Analytic Server (CVE-2015-4000)

Summary Vulnerabilities in SSL/TLS protocol during key exchange phase using Diffie-Hellman DH ciphersuite, “Logjam” attack, affects IBM Java SDK 1.6, 1.7 that is used by IBM SPSS Analytic Server. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacke...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect various Optim data server tools desktop products (CVE-2015-0488, CVE-2015-0478 and CVE-2015-1916)

Summary There are multiple vulnerabilities in IBM SDK Java™ Technology Edition, Versions 7 Service Refresh 7 Fix Pack 1, 7R1 Service Refresh 1 Fix Pack 1, 6 Service Refresh 16 Fix Pack 1, and earlier releases that are used by various Optim data server tools desktop products. These issues were...

Security Bulletin: IBM Java SDK Vulnerability affect IBM DB2 Accessories Suite for Linux, Unix and Windows (CVE-2015-0383)

Summary There is vulnerability in IBM® SDK Java™ Technology Edition, Version 6 that is used by IBM DB2 Accessories Suite for Linux, Unix and Windows. These issues were disclosed as part of the IBM Java SDK updates in January 2015. Vulnerability Details CVEID: CVE-2015-0383 DESCRIPTION: An...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM® DB2® LUW on HP-UX and Solaris (CVE-2015-0383)

Summary There is vulnerability in IBM® SDK Java™ Technology Edition, Version 6.0 SR14, 7.0 SR5 and 7.0 SR6 that is used by DB2 LUW on HP-UX and Solaris. These issues was disclosed as part of the IBM Java SDK updates in January 2015. Vulnerability Details CVEID: CVE-2015-0383 DESCRIPTION: An...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect InfoSphere Streams (CVE-2014-6457, CVE-2014-3566, CVE-2014-3065)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 Service Refresh 16 Fix Pack 1 and Version 7R1 Service Refresh 1 Fix Pack 1 that is used by InfoSphere Streams. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect various Optim data server tools desktop products (CVE-2014-6593 and CVE-2015-0410)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7R1 Service Refresh 2 and earlier releases, Version 7 Service Refresh 8 and earlier releases, Version 6 Service Refresh 16 Fix Pack 2 and earlier releases that are used by various Optim data server tools...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect InfoSphere Warehouse, DB2 Warehouse Edition and DB2 Warehouse Edition Tooling. (CVE-2014-6457 and CVE-2014-6558)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7.x and JDK v6.x that are used by InfoSphere Warehouse/DB2 Warehouse and Warehouse Tooling. These issues were disclosed as part of the IBM Java SDK updates in October 2014. Vulnerability Details CVEID:...

Security Bulletin: : Multiple vulnerabilities in IBM Java SDK affect Identity Insight 8.0 & 8.1 (CVE-2014-6512, CVE-2014-6457, CVE-2014-6558 and CVE-2014-3566)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6.0 that is used by IBM WebSphere Application Server embedded in IBM InfoSphere Identity Insight. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerability...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect various Optim data server tools desktop products (CVE-2014-6558, CVE-2014-3068)

Summary There are multiple vulnerabilities in IBM SDK Java™ Technology Edition, Versions 7 Service Refresh 7 Fix Pack 1, 7R1 Service Refresh 1 Fix Pack 1, 6 Service Refresh 16 Fix Pack 1, and earlier releases that are used by various Optim data server tools desktop products. These issues were...

Security Bulletin: : Multiple vulnerabilities in IBM Java SDK affect Identity Insight 8.0 and 8.1 (CVE-2014-4263) and (CVE-2014-4244)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6.0 that is used by IBM WebSphere Application Server embedded in IBM InfoSphere Identity Insight. These issues were disclosed as part of the IBM Java SDK updates in July 2014. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Command Center (CVE-2018-2579, CVE-2018-2602, CVE-2018-2603, CVE-2018-2633, CVE-2018-1417, CVE-2018-2783, CVE-2018-2794)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 8 that is used by IBM Cognos Command Center. These issues were disclosed as part of the IBM Java SDK updates for January and April 2018. Vulnerability Details CVEID: CVE-2018-2579 DESCRIPTION:...

Security Bulletin: Security vulnerabilities have been identified in IBM Cognos Planning.

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 and IBM® Runtime Environment Java™ Technology Edition, Version 7 that are used by IBM Cognos Planning. These issues were disclosed as part of the IBM Java SDK updates in October 2016, Januar...

Security Bulletin: Vulnerabilities in IBM Java SDK affects IBM Algo One - Algo Risk Application and Core (CVE-2016-5546, CVE-2016-5548, CVE-2016-5549, CVE-2016-5547, CVE-2016-2183)

Summary There are vulnerabilities in IBM® SDK Java™ Technology Edition that affects Algo Risk Application and Core. These vulnerabilities were disclosed as part of the IBM Java SDK updates in January 2017. Vulnerability Details CVEID: CVE-2016-5546 DESCRIPTION: An unspecified vulnerability in...