High Severity

IBM Security Bulletin: Multiple Vulnerabilities in the IBM SDK Java Technology Edition affect IBM Notes

Share this post:

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition Version 6 SR16FP45 and Version 8 SR4FP5 that affect IBM Notes. These issues were disclosed as part of the IBM Java SDK updates in July 2017, fixed with Version 6 SR16FP50 and Version 8 SR4FP10.

CVE(s): CVE-2017-10110, CVE-2017-10107, CVE-2017-10101, CVE-2017-10096, CVE-2017-10090
, CVE-2017-10089, CVE-2017-10087, CVE-2017-10102, CVE-2017-10116, CVE-2017-10078, CVE-2017-10115, CVE-2017-10067, CVE-2017-10125, CVE-2017-10243
, CVE-2017-10109
, CVE-2017-10108, CVE-2017-10053
, CVE-2017-10105, CVE-2017-10111, CVE-2017-10074, CVE-2017-10081

Affected product(s) and affected version(s):

IBM Notes Standard Client 9.0.1 through Notes Standard Client 9.0.1 FP9
IBM Notes Standard Client 8.5.3 through Notes Standard Client 8.5.3 FP6 IF15
All 9.0,x, 9.0, 8.5.x and 8.5 releases of IBM Notes prior to those listed above

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22009253
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128871
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128868
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128862
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/122501
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128852
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128851
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128849
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128863
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128877
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128840
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128876
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128831
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128885
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/125293
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128870
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128869
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128822
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128866
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128872
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128837
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/128843

More stories

Security Bulletin: Security Vulnerabilties have been addressed in IBM Cognos Analytics

Jan 5, 2020 8:03 pm EST | High Severity

This Security Bulletin addresses vulnerabilities that have been addressed in IBM Cognos Analytics 11.1.4 and 11.0.13 FP2. A vulnerability has been addressed where a parameter in a Cognos URL can be modified such that Cognos HTTP messages are forwarded to a hostile server. (CVE-2018-1721) A vulnerability has been addressed where the The X-Powered-By attribute is ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Check Services for Multi-Platform

Jan 5, 2020 7:44 pm EST | High Severity

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 or Version 8 used by Financial Transaction Manager for Check Services for Multi-Platform (FMT CHK). Financial Transaction Manager for Check Services for Multi-Platform has addressed the applicable CVEs. Affected Products and Versions FTM CHK: v3.0.0.0 – 3.0.0.15, v3.0.2.0 – 3.0.2.1, v3.0.5.0 – 3.0.5.4 Refer ...read more


Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services for Multi-Platform

Jan 5, 2020 7:24 pm EST | High Severity

There are multiple vulnerabilities in the IBM® Runtime Environment Java™ Version 7 or version 8 used by Financial Transaction Manager for Corporate Payment Services for Multi-Platform (FTM CPS). Financial Transaction Manager for Corporate Payment Services for Multi-Platform has addressed the applicable CVEs. Affected Products and Versions FTM CPS: v3.0.2.0 – 3.0.2.1, v3.2.1.0 Refer to the ...read more