IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Initiate Master Data Service (CVE-2016-3426, CVE- 2016-3427)

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 that is used by IBM Initiate Master Data Service. These issues were disclosed as part of the IBM Java SDK updates in April 2016.

CVE(s): CVE-2016-3427, CVE-2016-3426

Affected product(s) and affected version(s):

These vulnerabilities are known to affect the following offerings:

IBM Initiate Master Data Service versions 9.5, 9.7, 10.0, 10.1 (impacts Master Data Engine component, Message Brokers component and Workbench component)

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/1X0xQUH
X-Force Database: http://ift.tt/1N2N48r
X-Force Database: http://ift.tt/1N2N2xe



from IBM Product Security Incident Response Team http://ift.tt/1RQxI29