CVE-2016-5582 IBM AIX Java Multiple Vulnerabilities (java_oct2016_advisory)

There are multiple vulnerabilities in IBM SDK Java Technology Edition Versions 6, 7, 7.1, 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK updates in October 2016. The following vulnerabilities exists in IBM AIX:-
1. An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Hotspot component has high confidentiality impact, high integrity impact, and high availability impact. (CVE-2016-5582)
2. An unspecified vulnerability in Oracle Java SE related to the AWT component has high confidentiality impact, high integrity impact, and high availability impact. (CVE-2016-5568)
3.An unspecified vulnerability in Oracle Java SE related to the 2D component has high confidentiality impact, high integrity impact, and high availability impact. (CVE-2016-5556)
4. An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Hotspot component has high confidentiality impact, high integrity impact, and high availability impact. (CVE-2016-5573)
5. An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Networking component could allow a remote attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors. (CVE-2016-5597)
6. An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the JMX component has no confidentiality impact, low integrity impact, and no availability impact. (CVE-2016-5554)
7. An unspecified vulnerability in Oracle Java SE and Java SE Embedded related to the Libraries component has no confidentiality impact, low integrity impact, and no availability impact. (CVE-2016-5542)

Affected Versions:-
AIX 5.3, 6.1, 7.1, 7.2

Successful exploitation allows remote attackers to affect confidentiality, integrity, and availability impact.

The vendor has released fixes to resolve this vulnerability. Refer to AIX java_oct2016_advisory to obtain more information.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

java_oct2016_advisory: AIX 5.3, 6.1, 7.1 and 7.2 (Java)