Vulnerability & Exploit Database

Back to search

RHSA-2014:1880: java-1.7.1-ibm security update

Severity CVSS Published Added Modified
9 (AV:N/AC:M/Au:N/C:C/I:C/A:C) October 14, 2014 November 23, 2014 October 29, 2017

Available Exploits 


IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environmentand the IBM Java Software Development Kit.This update fixes several vulnerabilities in the IBM Java RuntimeEnvironment and the IBM Java Software Development Kit. Detailedvulnerability descriptions are linked from the IBM Security alertspage, listed in the References section. (CVE-2014-3065, CVE-2014-3566,CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6476,CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6506,CVE-2014-6511, CVE-2014-6512, CVE-2014-6515, CVE-2014-6527, CVE-2014-6531,CVE-2014-6532, CVE-2014-6558)The CVE-2014-6512 issue was discovered by Florian Weimer of Red HatProduct Security.Note: With this update, the IBM SDK now disables the SSL 3.0 protocol toaddress the CVE-2014-3566 issue (also known as POODLE). Refer to the IBMarticle linked to in the References section for additional details aboutthis change and instructions on how to re-enable SSL 3.0 support if needed.All users of java-1.7.1-ibm are advised to upgrade to these updatedpackages, containing the IBM Java SE 7R1 SR2 release. All running instancesof IBM Java must be restarted for the update to take effect.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now




Related Vulnerabilities