IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM® Java Runtime affects IBM BigFix Compliance Analytics.

There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 Service Refresh 3 Fixpack 20 and IBM® Runtime Environment Java™ Version 8 Service Refresh 3 Fixpack 20 that is used by IBM BigFix Compliance Analytics. These issues were disclosed as part of the IBM Java SDK updates in January 2017.

CVE(s): CVE-2016-5546, CVE-2016-5548, CVE-2016-5549, CVE-2016-5547, CVE-2016-5552, CVE-2016-2183

Affected product(s) and affected version(s):

IBM BigFix Security Compliance Analytics 1.9.70

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2rorp3Q
X-Force Database: http://ift.tt/2lA4akm
X-Force Database: http://ift.tt/2lAx183
X-Force Database: http://ift.tt/2msD77U
X-Force Database: http://ift.tt/2msBF5I
X-Force Database: http://ift.tt/2lAiqcB
X-Force Database: http://ift.tt/2dR3VyC

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM® Java Runtime affects IBM BigFix Compliance Analytics. appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2smqcY5