Miembros de
Boletines de Vulnerabilidades |
Apache Commons Vulnerability for handling Java object deserialization |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
On November 6, 2015 a remote execution vulnerability that affects multiple releases of Apache Commons Collections, was published by Foxglove Security Group. IBM is analyzing its products to determine which ones may be affected by this vulnerability. Affected IBM products will be issuing mitigations and/or fixes as soon as possible. IBM has provided a fix for the IBM WebSphere Application server. Please actively monitor both your IBM Support Portal for available fixes and this blog for More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/apachecommons?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2015-7450 ,CVE-2015-7431 ,CVE-2015-2613 ,CVE-2015-2601 ,CVE-2015-2625 ,CVE-2015-1931 ,CVE-2015-1829 ,CVE-2015-3183 ,CVE-2015-1283 ,CVE-2015-4947 and CVE-2015-2808. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2015-11-20 |