Boletines de Vulnerabilidades

IBM Security Bulletin: IBM Notes and Domino - Multiple vulnerabilities in IBM Java (Oracle April 2014 Critical Patch Update) and IBM HTTP Server for Domino (CVE-2014-0963)

Información sobre el sistema
   
Software afectado IBM

Descripción
IBM Notes and Domino 9.0.1 Fix Pack 2 provides fixes for CVE-2014-0963 in the IBM HTTP Server provided with Domino and the Java issues disclosed in the Oracle April 2014 Critical Patch Update. IBM plans to make separate installers for the Oracle April-2014 Critical Patch Update on 8.5.3 Fix Pack 6/Fix Pack 6 available shortly. CVE(s): CVE-2014-0963, CVE-2014-0457, CVE-2014-2421, CVE-2014-0429, CVE-2014-0461, CVE-2014-0455, CVE-2014-2428, CVE-2014-0448, CVE-2014-0454, CVE-2014-0446,

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_notes_and_domino_multiple_vulnerabilities_in_ibm_java_oracle_april_2014_critical_patch_update_and_ibm_http_server_for_domino_cve_2014_0963?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-0963 ,CVE-2013-2174 ,CVE-2014-0015 ,CVE-2014-0138 ,CVE-2014-0139 ,CVE-2013-4248 ,CVE-2013-6420 ,CVE-2014-2497 ,CVE-2014-4049 ,CVE-2014-0114 ,CVE-2014-0964 ,CVE-2014-0457 ,CVE-2014-2421 ,CVE-2014-0429 ,CVE-2014-0461 ,CVE-2014-0455 ,CVE-2014-2428 ,CVE-2014-0448 ,CVE-2014-0454 ,CVE-2014-0446 ,CVE-2014-0452 ,CVE-2014-0451 ,CVE-2014-2402 ,CVE-2014-2423 ,CVE-2014-2427 ,CVE-2014-0458 ,CVE-2014-2414 ,CVE-2014-2412 ,CVE-2014-2409 ,CVE-2014-0460 ,CVE-2013-6954 ,CVE-2013-6629 ,CVE-2014-2401 ,CVE-2014-0449 ,CVE-2014-0459 ,CVE-2014-0453 ,CVE-2014-2398 ,CVE-2014-1876 and CVE-2014-2420.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-08-22

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT