IBM Rational Service / Performance Tester Java Multiple

by Carol~ Moderator - 12/10/12 9:19 AM

In Reply to: VULNERABILITIES / FIXES - December 10, 2012 by Carol~ Moderator

IBM Rational Service / Performance Tester Java Multiple Vulnerabilities

Release Date : 2012-12-10

Criticality level : Highly critical
Impact : Manipulation of data
Exposure of sensitive information
DoS
System access
Where : From remote
Solution Status : Vendor Patch

Software: IBM Rational Performance Tester 8.x
IBM Rational Service Tester 8.x

Description:
IBM has acknowledged multiple vulnerabilities in IBM Rational Service Tester and IBM Rational Performance Tester, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

The vulnerabilities exist in the bundled version of Java.

The vulnerabilities are reported in versions prior to 8.3.0.1.

Solution:
Update to version 8.3.0.1.

Original Advisory:
IBM:
http://www.ibm.com/support/docview.wss?uid=swg21617323
http://www.ibm.com/support/docview.wss?uid=swg21617321

http://secunia.com/advisories/51535/