IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM MessageSight (CVE-2016-5568, CVE-2016-5556, CVE-2016-5597, and CVE-2016-5554)

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 7, 7R1 and 8 used by IBM MessageSight. These issues were disclosed as part of the IBM Java SDK updates in October 2016.

CVE(s): CVE-2016-5568, CVE-2016-5556, CVE-2016-5597, CVE-2016-5554

Affected product(s) and affected version(s):

IBM MessageSight v1.1 – 1.1.0.1
IBM MessageSight v1.2 – 1.2.0.3
IBM MessageSight v2.0 – 2.0.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2kaAieR
X-Force Database: http://ift.tt/2eDq0ND
X-Force Database: http://ift.tt/2e5p1tK
X-Force Database: http://ift.tt/2e5pD2s
X-Force Database: http://ift.tt/2eDqzaq

from IBM Product Security Incident Response Team http://ift.tt/2jgbaz7