Security Bulletin: IBM WebSphere Dynamic Process Edition – Information regarding security vulnerability in IBM SDK for Java, shipped with IBM WebSphere Application Server and addressed by Oracle CPU June 2013

Aug 26, 2013 11:43 pm EDT

Multiple security vulnerabilities exist in the IBM SDK for Java™ that is shipped with IBM WebSphere Application Server included in IBM WebSphere Dynamic Process Edition. CVE(s): and CVE 2013-1571 Affected product(s) and affected version(s): IBM WebSphere Dynamic Process Edition 6.1.2, 6.2.x, 7.0.0, 7.0.1 Refer to the following reference URLs for remediation and additional vulnerability details. ...read more


Security Bulletin: IBM WebSphere Business Services Fabric – Information regarding security vulnerability in IBM SDK for Java, which shipped with IBM WebSphere Application Server and addressed by Oracle CPU June 2013

Aug 26, 2013 11:39 pm EDT

Multiple security vulnerabilities exist in the IBM SDK for Java that is shipped with IBM WebSphere Application Server and is included in IBM WebSphere Business Services Fabric. CVE(s): and CVE 2013-1571 Affected product(s) and affected version(s): IBM WebSphere Business Services Fabric Versions 6.0.0, 6.0.2, 6.1.0, 6.1.2, 6.2.x, 7.0.x IBM WebSphere Business Services Fabric for z/OS ...read more


Multiple security exposures in IBM Cognos BI Server (CVE-2013-2988, CVE-2013-2978, CVE-2013-1557, CVE-2013-0586, CVE-2013-1478)

Aug 26, 2013 11:09 pm EDT

IBM Cognos BI Server is affected by multiple security exposures. CVE(s):CVE-2013-2988, CVE-2013-2978, CVE-2013-1557, CVE-2013-0586, and CVE-2013-1478 Affected product(s) and affected version(s): IBM Cognos Business Intelligence Server 10.2.1 IBM Cognos Business Intelligence Server 10.2 IBM Cognos Business Intelligence Server 10.1.1 IBM Cognos Business Intelligence Server 10.1 IBM Cognos Business Intelligence Server 8.4.1 Refer to the following ...read more


Potential Security issue for SmartCloud Cost Management (CVE-2013-0464 and CVE-2012-3325)

Aug 26, 2013 10:54 pm EDT

Vulnerability in IBM SPSS Data Collection due to issues in Eclipse Help System (CVE-2013-0464) and Potential security exposure with IBM WebSphere Application Server after installing PM44303 (CVE-2012-3325) CVE(s): and CVE-2013-0464 and CVE-2012-3325 Affected product(s) and affected version(s): SmartCloud Cost Management Refer to the following reference URLs for remediation and additional vulnerability details. Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21646737 ...read more


Security Bulletin: IBM Security Network Protection can be affected by Cross-Site Scripting and Symbol Denial of Service vulnerabilities in Ruby on Rails (CVE-2013-1854, CVE-2013-1857, CVE-2013-1855)

Aug 26, 2013 10:38 pm EDT

IBM Security Network Protection is affected by multiple vulnerabilities reported in Ruby on Rails. These vulnerabilities include multiple cross-site scripting and denial of service vulnerabilities that could be exploited remotely by an attacker with access to the Local Management Interface (LMI). CVE(s): and CVE-2013-1854, CVE-2013-1857, CVE-2013-1855 Affected product(s) and affected version(s): IBM Security Network Protection ...read more


Security Bulletin: IBM Platform HPC (CVE-2013-4002)

Aug 26, 2013 10:24 pm EDT

A variant of the Apache Xerces-J XML parser (XML4J) shipped with IBM Platform HPC is vulnerable to a denial of service attack that can be triggered by malformed XML data. CVE(s): and CVE-2013-4002 Affected product(s) and affected version(s): IBM Platform HPC V3.2 Refer to the following reference URLs for remediation and additional vulnerability details. Source ...read more


Security Bulletin: IBM Platform Cluster Manager (CVE-2013-4002)

Aug 26, 2013 10:22 pm EDT

A variant of the Apache Xerces-J XML parser (XML4J) shipped with IBM Platform Cluster Manager is vulnerable to a denial of service attack that can be triggered by malformed XML data. CVE(s): and CVE-2013-4002 Affected product(s) and affected version(s): All editions of IBM Platform Cluster Manager V3.2 and V4.1 Refer to the following reference URLs ...read more


IBM Service Deliver Manager: vulnerabilities in IBM JRE (CVE-2013-0809, CVE-2013-1493)

Aug 26, 2013 10:18 pm EDT

CVE(s):CVE-2013-0809, and CVE-2013-1493 Affected product(s) and affected version(s): IBM Service Delivery Manager 7.2.1 IBM Service Delivery Manager 7.2.2 IBM Service Delivery Manager 7.2.4 Refer to the following reference URLs for remediation and additional vulnerability details. Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21646389 ...read more


Security Bulletin: IBM Notes & Domino fixes for multiple vulnerabilities in IBM JRE

Aug 26, 2013 9:56 pm EDT

IBM Notes and Domino are vulnerable to multiple attacks listed in the Oracle Java SE Critical Patch Update Advisories (February, April and June 2013) as well as miscellaneous client-side attacks listed below. The repaired IBM JRE is available in Notes and Domino 8.5.3 Fix Pack 5 and is also planned for Notes and Domino 9.0.1. ...read more