High Severity

IBM Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition

Share this post:

Java SE issues disclosed in the Oracle October 2016 Critical Patch Update

CVE(s): CVE-2016-5582, CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, CVE-2016-5542

Affected product(s) and affected version(s):

These vulnerabilities affect IBM SDK, Java Technology Edition, Version 6 Service Refresh 16 Fix Pack 30 and earlier releases
These vulnerabilities affect IBM SDK, Java Technology Edition, Version 6R1 Service Refresh 8 Fix Pack 30 and earlier releases
These vulnerabilities affect IBM SDK, Java Technology Edition, Version 7 Service Refresh 9 Fix Pack 50 and earlier releases
These vulnerabilities affect IBM SDK, Java Technology Edition, Version 7R1 Service Refresh 3 Fix Pack 50 and earlier releases
These vulnerabilities affect IBM SDK, Java Technology Edition, Version 8 Service Refresh 3 Fix Pack 11 and earlier releases

NOTE: CVE-2016-5582 affects IBM SDK, Java Technology Edition on Solaris, HP-UX and Mac OS only.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=swg21985393
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/118069
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/118068
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/118067
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/118070
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/118071
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/118072
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/118073

More stories

Security Bulletin: Openstack Compute (Nova) noVNC proxy

Oct 26, 2021 8:00 pm EDT | High Severity

Fix OpenStack Nova allowing a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability in the noVNC component. By modifying untrusted URL input using multiple backslashes, an attacker could exploit this vulnerability to redirect a victim to arbitrary website ...read more


Security Bulletin: A vulnerability exists in the restricted shell of the IBM FlashSystem 900

Oct 25, 2021 8:00 pm EDT | High Severity

A vulnerability exists in the IBM FlashSystem 900 restricted shell (CVE-2021-29873). An exploit of this vulnerability could allow an authenticated attacker to access sensitive information or cause a denial of service. ...read more


Security Bulletin: IBM Planning Analytics Workspace is affected by security vulnerabilities

Oct 25, 2021 8:00 pm EDT | High Severity

The Planning Analytics Workspace component of IBM Planning Analytics is affected by vulnerabilities These have been addressed in IBM Planning Analytics Local v2.0 - Planning Analytics Workspace Release 69. ...read more