IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Discovery (CVE-2016-0264, CVE-2016-3426)

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 that is used by IBM InfoSphere Discovery. This issue was disclosed as part of the IBM Java SDK updates in April 2016.

CVE(s): CVE-2016-0264, CVE-2016-3426

Affected product(s) and affected version(s):

IBM InfoSphere Discovery, IBM InfoSphere Discovery for Information Integration, and IBM InfoSphere Discovery for zOS, versions 4.1.1 and 4.5 on Windows, and version 4.6 running on all platforms

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/20Kv58n
X-Force Database: http://ift.tt/1Tg5wqG
X-Force Database: http://ift.tt/1N2N2xe



from IBM PSIRT Blog http://ift.tt/1NS2E7m