IBM Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect IBM Spectrum Protect (Tivoli Storage Manager) Windows and Macintosh Client (CVE-2016-5542, CVE-2017-3260, CVE-2016-5552)

There are multiple vulnerabilities in the IBM® Runtime Environment Java™ packaged with the IBM Spectrum Protect (formerly Tivoli Storage Manager) Windows and Macintosh Client. These issues were disclosed as part of the IBM Java SDK updates in October 2016 and January 2017.

CVE(s): CVE-2016-5542, CVE-2017-3260, CVE-2016-5552

Affected product(s) and affected version(s):

The following versions of the IBM Spectrum Protect (formerly Tivoli Storage Manager) Windows Client are affected:

• 8.1.0.0 through 8.1.0.1 – Windows and Macintosh platforms
• 7.1.0.0 through 7.1.6.4 – Windows platform
  7.1.0.0 through 7.1.6.5 – Macintosh platform
• 6.4.0.0 through 6.4.3.5 – Windows platform; the 6.4 client is not affected on the Macintosh platform.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2rY8aMz
X-Force Database: http://ift.tt/2e5s2Ku
X-Force Database: http://ift.tt/2msG8VN
X-Force Database: http://ift.tt/2lAiqcB

The post IBM Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect IBM Spectrum Protect (Tivoli Storage Manager) Windows and Macintosh Client (CVE-2016-5542, CVE-2017-3260, CVE-2016-5552) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2rXYFNz