Vulnerability Bulletins

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - October 2014 & January 2015

System information
   
Affected software IBM

Description
There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 7, IBM SDK Java Technology Edition, Version 6, and IBM SDK Java 2 Technology Edition, Version 5 that are used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in October 2014 and January 2015. This bulletin also addresses the “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. CVE(s): CVE-2014-6512,

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_vulnerabilities_in_ibm_java_sdk_affect_ibm_virtualization_engine_ts7700_october_2014_january_2015?lang=en_us

Standar resources
Property Value
CVE CVE-2014-3569 ,CVE-2014-3570 ,CVE-2014-3571 ,CVE-2014-3572 ,CVE-2014-8275 ,CVE-2015-0204 ,CVE-2015-0205 ,CVE-2015-0206 ,CVE-2015-0138 ,CVE-2015-0410 ,CVE-2014-6593 ,CVE-2015-0400 ,CVE-2014-6512 ,CVE-2014-6457 ,CVE-2014-6558 and CVE-2014-3566.

Version history
Version Comments Date
1.0 Advisory issued 2015-04-20
Ministerio de Defensa
CNI
CCN
CCN-CERT