Monday, August 15, 2016

IBM Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server July 2016 CPU (CVE-2016-3485)

There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed in the IBM Java SDK updates in July 2016. These may affect some configurations of IBM WebSphere Application Server Full Profile, IBM WebSphere Application Server Liberty Profile, and IBM WebSphere Application Server Hypervisor Edition.

CVE(s): CVE-2016-3485

Affected product(s) and affected version(s):

IBM Java SDK shipped with IBM WebSphere Application Server Version 9.0.0.0, 8.5.0.0 through 8.5.5.10, Version 8.0.0.0 through 8.0.0.12, Version 7.0.0.0 through 7.0.0.41.

  • This does not occur on IBM Java SDK shipped with WebSphere Application Servers Fix Packs 9.0.0.1, 8.5.5.11, 8.0.0.13 and 7.0.0.43 or later.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2b6dlnD
X-Force Database: http://ift.tt/2b7G65u



from IBM Product Security Incident Response Team http://ift.tt/2b6djMw

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.