IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM) (Multiple CVEs)

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 Service Refresh 16 Fix Pack 15 and subsequent releases, that is used by IBM Tivoli Netcool Configuration Manager (ITNCM). These issues were disclosed as part of the IBM Java SDK updates for October 2015.

CVE(s): CVE-2015-4872, CVE-2015-4911, CVE-2015-4893, CVE-2015-4803, CVE-2015-4734, CVE-2015-5006


Affected product(s) and affected version(s):

ITNCM 6.3.0.6 IF003 and earlier
ITNCM 6.4.1.3 IF001 and earlier

IBM Runtime Environment Java Technology Edition, Version 6 Service Refresh 16 Fix Pack 15 and subsequent releases

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/23NlVbQ
X-Force Database: http://ift.tt/1WhPj9p
X-Force Database: http://ift.tt/1SAJU8Q
X-Force Database: http://ift.tt/1NzQEaa
X-Force Database: http://ift.tt/1SAJU8S
X-Force Database: http://ift.tt/23NlSN3
X-Force Database: http://ift.tt/1NzQEae


from IBM Product Security Incident Response Team http://ift.tt/23NlSN5