IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDKs affect IBM Virtualization Engine TS7700 - October 2015 & January 2016
There are multiple vulnerabilities in IBM® SDKs Java™ Technology Edition, Versions 5, 6 and 7, that are used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in October 2015 & January 2016.
CVE(s): CVE-2015-4872, CVE-2015-4911, CVE-2015-4893, CVE-2015-4803, CVE-2016-0466
Affected product(s) and affected version(s):
All versions of microcode for the IBM Virtualization Engine TS7700 (3957-V06, 3957-V07, 3957-VEA, 3957-VEB) prior to release R2.1 are affected. All versions of R3.0 and R3.1 are also affected. In addition, microcode versions of releases R2.1, R3.2, and R3.3 prior to and including the following are also affected:
| Release | Version |
| R3.3 | 8.33.0.45 |
| R3.2 | 8.32.3.8 |
| R2.1 | 8.21.0.178 |
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/23T5xXb
X-Force Database: http://ift.tt/1WhPj9p
X-Force Database: http://ift.tt/1SAJU8Q
X-Force Database: http://ift.tt/1NzQEaa
X-Force Database: http://ift.tt/1SAJU8S
X-Force Database: http://ift.tt/1N2N3Bz
from IBM Product Security Incident Response Team http://ift.tt/23T5FG4