There are multiple vulnerabilites in IBM® Runtime Environment Java™ Versions 6 and 7 that are used by IBM WebSphere MQ. These issues were disclosed as part of the IBM Java SDK updates in July 2016.
CVE(s): CVE-2016-3485
Affected product(s) and affected version(s):
IBM MQ 9.0.0.x Long Term Support (LTS)
Maintenance level 9.0.0.0 only
IBM MQ 9.0.x Continuous Delivery Release (CDR)
Continuous delivery update 9.0.1 only
WebSphere MQ 8.0
Maintenance levels between 8.0.0.0 and 8.0.0.5
IBM MQ Appliance 8.0
Maintenance levels between 8.0.0.0 and 8.0.0.5
WebSphere MQ 7.5
Maintenance levels between 7.5.0.0 and 7.5.0.7
WebSphere MQ 7.1
Maintenance levels between 7.1.0.0 and 7.1.0.7
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2vcektk
X-Force Database: http://ift.tt/2b7G65u
The post IBM Security Bulletin: A vulnerability in IBM Java Runtime affects IBM WebSphere MQ (CVE-2016-3485 ) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2vcnWnH
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.