Boletines de Vulnerabilidades

IBM Security Bulletin: Multiple IBM SDK Java™ Technology Edition, Version 7 security vulnerabilities addressed in IBM Endpoint Manager for Remote Control

Información sobre el sistema
   
Software afectado IBM

Descripción
IBM Endpoint Manager for Remote Control deploys IBM SDK Java™ Technology Edition Version 7 as part of the server deployment and the controller installation. These vulnerabilities are only applicable where untrusted code may be executed using these deployed Java bundles. CVE(s): CVE-2014-0878, CVE-2014-0457, CVE-2014-2421, CVE-2014-0429, CVE-2014-0461, CVE-2014-0455, CVE-2014-2428, CVE-2014-0448, CVE-2014-0454, CVE-2014-0446, CVE-2014-0452, CVE-2014-0451, CVE-2014-2402, CVE-2014-2423,

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_ibm_sdk_java_trade_technology_edition_version_7_security_vulnerabilities_addressed_in_ibm_endpoint_manager_for_remote_control1?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-0878 ,CVE-2014-0457 ,CVE-2014-2421 ,CVE-2014-0429 ,CVE-2014-0461 ,CVE-2014-0455 ,CVE-2014-2428 ,CVE-2014-0448 ,CVE-2014-0454 ,CVE-2014-0446 ,CVE-2014-0453 ,CVE-2014-0460 ,CVE-2014-0105 ,CVE-2014-2237 ,CVE-2014-0452 ,CVE-2014-0451 ,CVE-2014-2402 ,CVE-2014-2423 ,CVE-2014-2427 ,CVE-2014-0458 ,CVE-2014-2414 ,CVE-2014-2412 ,CVE-2014-2409 ,CVE-2013-6954 ,CVE-2013-6629 ,CVE-2014-2401 ,CVE-2014-0449 ,CVE-2014-0459 ,CVE-2014-1876 and CVE-2014-2420.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-08-06

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT