Vulnerability Bulletins

IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDKs affect IBM Virtualization Engine TS7700 - April 2015

System information
   
Affected software IBM

Description
There are multiple vulnerabilities in IBM® SDKs Java™ Technology Edition, Versions 5, 6 and 7, that are used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in April 2015. This bulletin also addresses the RC4 Bar Mitzvah Attack for SSL/TLS vulnerability. CVE(s): CVE-2015-0488, CVE-2015-0478, CVE-2015-2808 and CVE-2015-0204 Affected product(s) and affected version(s): All versions of microcode for the IBM Virtualization

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_vulnerabilities_in_ibm_java_sdks_affect_ibm_virtualization_engine_ts7700_april_2015?lang=en_us

Standar resources
Property Value
CVE CVE-2015-0488 ,CVE-2015-0478 ,CVE-2015-2808 ,CVE-2015-0204 ,CVE-2015-1916 ,CVE-2015-1905 ,CVE-2015-1906 ,CVE-2015-0410 and CVE-2014-6593.

Version history
Version Comments Date
1.0 Advisory issued 2015-07-21
Ministerio de Defensa
CNI
CCN
CCN-CERT