IBM Security Bulletin: July 2014 Java Runtime Environment (JRE) Vulnerabilities in Multiple N series Products

Multiple N series products incorporate the Java Runtime Environment (JRE) software libraries. JRE versions up to 5u65, 6u75, 7u60 and 8u5 are susceptible to multiple vulnerabilities, potentially leading to an unauthorized Operating System takeover including arbitrary code execution or to unauthorized update, insert or delete access to some Java SE accessible data. Multiple N series products have addressed the applicable CVEs.

CVE(s): CVE-2014-4227, CVE-2014-4262, CVE-2014-4216, CVE-2014-4208, CVE-2014-2490, CVE-2014-4223, CVE-2014-4219, CVE-2014-2483, CVE-2014-4209, CVE-2014-4220, CVE-2014-4268, CVE-2014-4218, CVE-2014-4252, CVE-2014-4266, CVE-2014-4264, CVE-2014-4265, CVE-2014-4221, CVE-2014-4263, CVE-2014-4244

Affected product(s) and affected version(s):

NS OnCommand Core Package: 5.2, 5.2R1, 5.2.1P1, 5.2.1P2;
SnapManager for Oracle: 3.2, 3.3, 3.3.1;
SnapManager for SAP: 3.2, 3.3, 3.3.1, 3.4;

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2s8Jbdh
X-Force Database: http://ift.tt/UTkHyK
X-Force Database: http://ift.tt/UTkHyK
X-Force Database: http://ift.tt/1sh8sJG
X-Force Database:
X-Force Database:
X-Force Database:
X-Force Database:
X-Force Database:
X-Force Database:
X-Force Database: http://ift.tt/1sh8sJA
X-Force Database:
X-Force Database:
X-Force Database:
X-Force Database:
X-Force Database: http://ift.tt/2s8Ja9d
X-Force Database: http://ift.tt/1sh8sJA
X-Force Database: http://ift.tt/UTkETx
X-Force Database: http://ift.tt/UTkETx
X-Force Database:

The post IBM Security Bulletin: July 2014 Java Runtime Environment (JRE) Vulnerabilities in Multiple N series Products appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2s8Jx3r