Security Bulletin: Multiple vulnerabilities in IBM InfoSphere Optim Workload Replay (CVE-2015-1894, CVE-2015-1895)

Summary Multiple vulnerabilities have been identified in IBM® InfoSphere® Optim™ Workload Replay, allowing an attacker to obtain information or gain access to data and operations that are restricted to authorized users. Vulnerability Details CVEID: CVE-2015-1894 DESCRIPTION: IBM Optim Workload...

Security Bulletin: Vulnerability in SSLv3 affects IBM InfoSphere Optim Query Workload Tuner for DB2 for z/OS(CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM InfoSphere Optim Query Workload Tuner for DB2 for z/OS. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remo...

Security Bulletin: IBM InfoSphere Optim Workload Replay Cross Site Scripting Vulnerability (CVE-2014-0827)

Summary An attacker can trick a user into inserting a mal-formed URL address into a browser or clicking on a mal-formed URL link and exploit a cross-site scripting vulnerability to gain unauthorized access or collect sensitive information. Vulnerability Details CVE ID:CVE-2014-0827 CVSS: CVSS Bas...

Security Bulletin: Vulnerabilities in Open Source GNU glibc affect IBM Workload Deployer (CVE-2014-9761, CVE-2015-8778, CVE-2015-8779)

Summary Vulnerabilities in Open Source GNU glibc affect IWD Workload Deployer. Vulnerability Details CVEID: CVE-2014-9761 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nan function. By sending an overly long string, a...

Security Bulletin: Vulnerability in Open Source GNU glibc affects IBM Workload Deployer. (CVE-2015-8776)

Summary A vulnerability in Open Source GNU glibc affects IWD Workload Deployer. Vulnerability Details CVEID: CVE-2015-8776 DESCRIPTION: GNU C Library glibc is vulnerable to a denial of service. By passing out-of-range time values to the strftime function, a remote attacker could exploit this...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Workload Deployer (CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109)

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Workload Deployer. IBM Workload Deployer has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2105 DESCRIPTION: OpenSSL is vulnerable to a heap-based buffer overflow,...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Workload Deployer (CVE-2016-0359)

Summary IBM WebSphere Application Server is shipped as a component of IBM Workload Deployer. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin HTTP Response Splitting...

Security Bulletin: Vulnerabilities in Apache Struts has been identified in IBM WebSphere Application Server shipped with IBM Workload Deployer (CVE-2016-1181 and CVE-2016-1182)

Summary IBM WebSphere Application Server is shipped as a component of IBM Workload Deployer. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin Vulnerabilities in Apac...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Workload Deployer.

Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by IBM Workload Deployer. IBM Workload Deployer has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0705 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused b...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Workload Deployer. (CVE-2016-0701, CVE-2015-3197)

Summary OpenSSL vulnerabilities were disclosed on January 28, 2016 by the OpenSSL Project. OpenSSL is used by IBM Workload Deployer. IBM Workload Deployer has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-0701 DESCRIPTION: OpenSSL could allow a remote attacker to conduct...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM Workload Deployer. (CVE-2016-3426 and CVE-2016-0264)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 that is used by IWD Workload Deployer. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details CVEID: CVE-2016-3426 DESCRIPTION: An unspecified vulnerability...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Workload Deployer. (CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-1794)

Summary OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Workload Deployer. IBM Workload Deployer has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3193 DESCRIPTION: OpenSSL could allow a remote attacker to obtain...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Workload Deployer (CVE-2016-0306)

Summary IBM WebSphere Application Server is shipped as a component of IBM Workload Deployer. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin Potential security...

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Workload Deployer. (CVE-2015-4872)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition Version 6 that is used by IBM Workload Deployer. The issue was disclosed as part of the IBM Java SDK updates in October 2015. Vulnerability Details CVEID: CVE-2015-4872 DESCRIPTION: An unspecified vulnerability related to the...

Security Bulletin: GNU C library (glibc) vulnerability affects IBM Workload Deployer. (CVE-2015-7547)

Summary A GNU C library glibc stack-based buffer overflow in getaddrinfo vulnerability affects IBM Workload Deployer. Vulnerability Details CVEID: CVE-2015-7547 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nssdns backen...

Security Bulletin:A vulnerability in IBM Java SDK affects IBM Workload Deployer. (CVE-2015-7575)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition Version 6 that is used by IBM Workload Deployer. The issue was disclosed as part of the IBM Java SDK updates in January 2016 and this vulnerability is commonly referred to as “SLOTH”. Vulnerability Details CVEID: CVE-2015-7575...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Workload Deployer (CVE-2015-7417)

Summary IBM WebSphere Application Server is shipped as a component of IBM Workload Deployer. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin Cross-site scripting...

Security Bulletin:A security vulnerability has been identified in IBM HTTP Server used by IBM WebSphere Application Server which is shipped with IBM Workload Deployer (CVE-2015-3183)

Summary IBM WebSphere Application Server is shipped as a component of IBM Workload Deployer. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin HTTP Request smuggling...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Workload Deployer (CVE-2015-4938)

Summary IBM WebSphere Application Server is shipped as a component of IBM Workload Deployer. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin Multiple Security...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Workload Deployer (CVE-2015-2017)

Summary IBM WebSphere Application Server is shipped as a component of IBM Workload Deployer. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Consult the security bulletin HTTP response splitting...