IBM WebSphere Message Broker Java Multiple Vulnerabilities

by Carol~ Moderator - 1/29/13 2:23 PM

In Reply to: VULNERABILITIES / FIXES - January 29, 2013 by Carol~ Moderator

Release Date: 2013-01-29

Criticality level : Highly critical
Impact : Manipulation of data
Exposure of sensitive information
System access
Where : From remote
Solution Status : Vendor Patch

IBM WebSphere Message Broker 6.x
IBM WebSphere Message Broker 7.x
IBM WebSphere Message Broker 8.x

IBM has acknowledged multiple vulnerabilities in IBM WebSphere Message Broker, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

The vulnerabilities exist in the bundled version of Java.

The vulnerabilities are reported in versions 6.1.0.x, 7.0.0.x, and 8.0.0.x.

Apply APARs.

Original Advisory:
IBM (IC87635, IC87637):