There are multiple vulnerabilities in IBM SDK Java Technology Edition, Versions 6, 7, 7.1, 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK updates in July 2016.
CVE(s): CVE-2016-3598, CVE-2016-3511, CVE-2016-3485
Affected product(s) and affected version(s):
AIX 5.3, 6.1, 7.1, 7.2
VIOS 2.2.x
The following fileset levels (VRMF) are vulnerable, if the
respective Java version is installed:
For Java6: Less than 6.0.0.585
For Java7: Less than 7.0.0.450
For Java7.1: Less than 7.1.0.350
For Java8: Less than 8.0.0.310
Note: To find out whether the affected Java filesets are installed
on your systems, refer to the lslpp command found in AIX user's guide.
Example: lslpp -L | grep -i java
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2bqHeOe
X-Force Database: http://ift.tt/2aGcUP3
X-Force Database: http://ift.tt/2b7Gtgl
X-Force Database: http://ift.tt/2b7G65u
from IBM Product Security Incident Response Team http://ift.tt/2bqH9dc
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.