Boletines de Vulnerabilidades

IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Content Collector for SAP Applications (CVE-2014-6593, CVE-2015-0410, CVE-2015-0383, CVE-2015-0138)

Información sobre el sistema
   
Software afectado IBM

Descripción
There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 and 7 that is used by IBM Content Collector for SAP Applications. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. CVE(s): CVE-2015-0138, CVE-2014-6593, CVE-2015-0410 and CVE-2015-0383 Affected product(s) and affected

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_vulnerabilities_in_ibm_java_runtime_affect_ibm_content_collector_for_sap_applications_cve_2014_6593_cve_2015_0410_cve_2015_0383_cve_2015_0138?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-6593 ,CVE-2015-0410 ,CVE-2015-0383 and CVE-2015-0138.

Histórico de versiones
Versión Comentario Data
1.0 Advisory issued 2015-04-19
Ministerio de Defensa
CNI
CCN
CCN-CERT