IBM Security Bulletin: Vulnerability in Apache Commons FileUpload affects IBM Sterling Secure Proxy (CVE-2016-3092)

An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by IBM Sterling Secure Proxy.

CVE(s): CVE-2016-3092

Affected product(s) and affected version(s):

IBM Sterling Secure Proxy 3.4.2 through 3.4.3.0 iFix 1
IBM Sterling Secure Proxy 3.4.2 through 3.4.2.0 iFix 8

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2hwmlnh
X-Force Database: http://ift.tt/2bozrA8

from IBM Product Security Incident Response Team http://ift.tt/2hlxN76