12 matches found
Security Bulletin: IBM SDK Java Quarterly Oct 2020 Vulnerabilities Affect IBM Transformation Extender
Summary There are vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2020 - Includes Oracle Oct 2020 CPU minus CVE-2020-14782 that affect IBM Transformation Extender. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Produc...
Security Bulletin: IBM SDK Java Quarterly CPU Jul 2020 Vulnerabilities Affect IBM Transformation Extender
Summary There are vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability that affect IBM Transformation Extender. Vulnerability Details CVEID: CVE-2020-14579 DESCRIPTION: An unspecified vulnerability in Java SE...
Security Bulletin: Multiple IBM Runtime Environments Java Technology Edition vulnerabilities affect IBM Transformation Extender
Summary There are vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 and 8, IBM SDK, Java Technology Edition Version 8 and Eclipse Open J9 that affect IBM Transformation Extender. Vulnerability Details CVEID: CVE-2019-11771 DESCRIPTION: Eclipse OpenJ9 could allow a...
Security Bulletin: Multiple vulnerabilities in IBM® Runtime Environments Java™ Technology Edition, Versions 6, 7, 8 affect IBM Transformation Extender Hypervisor Edition (CVE-2016-0466, CVE-2015-7575)
Summary There are multiple vulnerabilities in IBM® Runtime Environments Java™ Technology Edition, Versions 6, 7, 8 that are used by IBM Transformation Extender Hypervisor Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and include the vulnerability commonl...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere Transformation Extender (CVE-2015-2613, CVE-2015-2601, CVE-2015-4749, CVE-2015-2625, CVE-2015-1931)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 5, 6, 7 that are used by WebSphere Transformation Extender. These issues were disclosed as part of the IBM Java SDK updates in July 2015. Vulnerability Details CVEID: CVE-2015-2613 DESCRIPTIO...
Security Bulletin: GNU C library (glibc) vulnerability affects WebSphere Transformation Extender with Launcher Hypervisor Edition [for RHEL] (CVE-2015-0235)
Summary GNU C library glibc vulnerability that has been referred to as GHOST affects WebSphere Transformation Extender with Launcher Hypervisor Edition for RHEL. Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION: The gethostbyname functions of the GNU C Library glibc are vulnerable to a buff...
Security Bulletin: TLS padding vulnerability affects WebSphere Transformation Extender Secure Adapter Collection (CVE-2014-8730)
Summary Transport Layer Security TLS padding vulnerability via a POODLE Padding Oracle On Downgraded Legacy Encryption like attack affects WebSphere Transformation Extender Secure Adapter Collection. Vulnerability Details CVE-ID: CVE-2014-8730 DESCRIPTION: Product could allow a remote attacker to...
Security Bulletin: IBM WebSphere Transformation Extender Secure Adapter Collection vulnerabilities: RSA BSAFE-C (CVE-2014-4191, CVE-2014-4192) and SSLv3 (CVE-2014-3566)
Summary EMC RSA BSAFE-C Toolkits, utilized by WebSphere Transformation Extender Secure Adapter Collection, could allow a remote attacker to obtain sensitive information. Additionally, SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption...
Security Bulletin: Vulnerabilities in Bash and GNU C Library affect WebSphere Transformation Extender (WTX) with Launcher Hypervisor Edition (CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-5119, CVE-2014-7186, CVE-2014-7187)
Summary Bash and GNU C Library vulnerabilities were disclosed in September 2014. This bulletin addresses the vulnerabilities that have been referred to as “Bash Bug” or “Shellshock”, a heap-based buffer overflow, and two memory corruption vulnerabilities. Bash and glibc are included in Red Hat...
Security Bulletin: IBM WebSphere Transformation Extender Secure Adapter Collection 8.4.1.1 CPU utilization and insecure Elliptic Curve Digital Signature Algorithm (CVE-2014-0963, CVE-2014-0076)
Summary IBM WebSphere Transformation Extender Secure Adapter Collection product is affected by two issues: one related to the TLS implementation which, under very specific conditions, can cause CPU utilization to rapidly increase, the other related to an insecure Elliptic Curve Digital Signature...
Security Bulletin: Multiple security vulnerabilities exist in WebSphere Transformation Extender (CVE-2013-5802 CVE-2013-4002 CVE-2013-5825 CVE-2013-5372 CVE-2013-0599 CVE-2013-0464 CVE-2013-0467 CVE-2013-2962 CVE-2013-2415)
Summary WebSphere Transformation Extender products are affected by multiple security vulnerabilities that exist in Oracle JRE and IBM Eclipse Help System. Additionally, WTX Launcher is vulnerable to a denial of service attack using a buffer overflow. Vulnerability Details WebSphere Transformation...
Buffer overflow
Buffer overflow in the Launcher in IBM WebSphere Transformation Extender 8.4.x before 8.4.0.4 allows local users to cause a denial of service process crash or Admin Console command-stream outage via unspecified vectors...