IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio and IBM ILOG CPLEX Enterprise Server (CVE-2016-5554, CVE-2016-5556, CVE-2016-5568, CVE-2016-5582)

There are multiple vulnerabilities in IBM® Runtime Environments Java™ Technology Edition, Versions 6, 7 and 8 used by IBM ILOG CPLEX Optimization Studio and IBM ILOG CPLEX Enterprise Server. These issues were disclosed as part of the IBM Java SDK updates in October 2016.

CVE(s): CVE-2016-5582, CVE-2016-5568, CVE-2016-5556, CVE-2016-5554

Affected product(s) and affected version(s):

IBM CPLEX Optimization Studio (COS) v12.7 and earlier
IBM CPLEX Enterprise Server (CES) v12.7 and earlier

NOTE: CVE-2016-5582 affects IBM SDK, Java Technology Edition on Solaris, HP-UX and Mac OS only.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2fuaEOT
X-Force Database: http://ift.tt/2fVzmWT
X-Force Database: http://ift.tt/2eDq0ND
X-Force Database: http://ift.tt/2e5p1tK
X-Force Database: http://ift.tt/2eDqzaq

from IBM Product Security Incident Response Team http://ift.tt/2fVAaeJ