IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affect IBM SPSS Statistics Server (CVE-2017-10356, CVE-2017-10388)

There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6, 7.0, 7.1, and 8.0 used by IBM SPSS Statistics Desktop and Server Version 22, 23, 24, and 25. These issues were disclosed as part of the IBM Java SDK updates in Oct 2017.

CVE(s): CVE-2017-10356, CVE-2017-10388

Affected product(s) and affected version(s):

IBM SPSS Statistics 22.0.0.2
IBM SPSS Statistics 23.0.0.3
IBM SPSS Statistics 24.0.0.2
IBM SPSS Statistics 25.0.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2BOdVRD
X-Force Database: http://ift.tt/2jyFZR1
X-Force Database: http://ift.tt/2i6pawd

The post IBM Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affect IBM SPSS Statistics Server (CVE-2017-10356, CVE-2017-10388) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2Chz61N