CVE-2016-5582 IBM Java SDK Multiple Vulnerabilities (Oracle October 18 2016 CPU (1.6.0_131, 1.7.0_121, 1.8.0_111))

2016年12月13日 1589点热度 0人点赞 0条评论

漏洞类别：Local

漏洞等级：

漏洞信息

IBM Java SDK and JRE are prone to multiple vulnerabilities that can be exploited by malicious people to disclose certain sensitive information, manipulate certain data, bypass certain security restrictions, cause a denial of service and compromise a vulnerable system.

Affected Versions:
IBM Java SDK and JRE prior to 6.0.16.35
IBM Java SDK and JRE prior to 6.1.8.35
IBM Java SDK and JRE prior to 7.0.9.60
IBM Java SDK and JRE prior to 7.1.3.60
IBM Java SDK and JRE prior to 8.0.3.20

漏洞危害

Successful exploitation allows attacker to compromise the system.

解决方案

Latest service refresh packs are available at Java for AIX Download page.

Refer to Oracle October 18 2016 CPU (1.6.0_131, 1.7.0_121, 1.8.0_111) to obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

IBM Java SDK Multiple Vulnerabilities (Oracle October 18 2016 CPU (1.6.0_131, 1.7.0_121, 1.8.0_111)): IBM Java SDK and JRE

0day