IBM Security Bulletin: January 2016 Java Platform Standard Edition Vulnerabilities in Multiple N Series Products

Aug 21, 2017 10:00 am EDT

Categorized: High Severity

Share this post:

Multiple N Series Products incorporate the Oracle Java Platform, Standard Edition (Java SE) software libraries. Java SE (JDK and JRE) versions below 6u111, 7u95, and 8u72 and OpenJDK versions below 1.7.0.95 and 1.8.0.71 are susceptible to multiple vulnerabilities, potentially leading to an unauthorized Operating System takeover, a partial denial of service (DOS), an unauthorized read, update, insert or delete access to a subset of Java SE accessible data.

CVE(s): CVE-2016-0494, CVE-2016-0483, CVE-2015-8472, CVE-2016-0475, CVE-2016-0466, CVE-2016-0402, CVE-2015-7575, CVE-2016-0448, CVE-2015-8126

Affected product(s) and affected version(s):

NS OnCommand Core Package: 5.2, 5.2R1, 5.2.1P1, 5.2.1P2;
SnapManager for Oracle: 3.2, 3.3, 3.3.1, 3.4, 3.4.1;
SnapManager for SAP: 3.2, 3.3, 3.3.1, 3.4, 3.4.1;
Virtual Storage Console for VMware vSphere: 6.0, 6.1, 6.2;

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2whcLyl
X-Force Database: http://ift.tt/1Tg5uPy
X-Force Database: http://ift.tt/1rUknBo
X-Force Database: http://ift.tt/1ZcEll0
X-Force Database: http://ift.tt/1WhPgug
X-Force Database: http://ift.tt/1N2N3Bz
X-Force Database: http://ift.tt/1ZcEnt4
X-Force Database: http://ift.tt/1TnIyR8
X-Force Database: http://ift.tt/1WhPjpX
X-Force Database: http://ift.tt/1rUkltb

Archives

Archives

from IBM Product Security Incident Response Team http://ift.tt/2wh8dYE