IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Flex System Manager (FSM)

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.5 and 1.7 that is used by FSM. These issues were disclosed as part of the IBM Java SDK updates in October 2016 and January 2017. This bulletin addresses these vulnerabilities.

CVE(s): CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, CVE-2016-5542, CVE-2017-3289, CVE-2017-3272, CVE-2017-3241, CVE-2016-5546, CVE-2017-3253, CVE-2016-5548, CVE-2016-5549, CVE-2017-3252, CVE-2016-5547, CVE-2016-5552, CVE-2017-3261, CVE-2017-3231, CVE-2017-3259, CVE-2016-2183

Affected product(s) and affected version(s):

Flex System Manager 1.3.4.0
Flex System Manager 1.3.3.0
Flex System Manager 1.3.2.1
Flex System Manager 1.3.2.0

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2s4Jy72
X-Force Database: http://ift.tt/2eDq0ND
X-Force Database: http://ift.tt/2e5p1tK
X-Force Database: http://ift.tt/2eDrVCd
X-Force Database: http://ift.tt/2e5pD2s
X-Force Database: http://ift.tt/2eDqzaq
X-Force Database: http://ift.tt/2e5s2Ku
X-Force Database: http://ift.tt/2lA6pnI
X-Force Database: http://ift.tt/2msIV19
X-Force Database: http://ift.tt/2lAcror
X-Force Database: http://ift.tt/2lA4akm
X-Force Database: http://ift.tt/2msWpdg
X-Force Database: http://ift.tt/2lAx183
X-Force Database: http://ift.tt/2msD77U
X-Force Database: http://ift.tt/2lAk4Lp
X-Force Database: http://ift.tt/2msBF5I
X-Force Database: http://ift.tt/2lAiqcB
X-Force Database: http://ift.tt/2msOwVj
X-Force Database: http://ift.tt/2lAc9xE
X-Force Database: http://ift.tt/2msIPqs
X-Force Database: http://ift.tt/2dR3VyC

The post IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Flex System Manager (FSM) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2rzBqba