There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 5 and 6 that are used by IBM CommonStore for Lotus Domino and IBM Content Collector. These issues were disclosed as part of the IBM Java SDK updates in July 2014.
CVEID: CVE-2014-4244 DESCRIPTION: An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/94605 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
CVEID: CVE-2014-4263 DESCRIPTION: An unspecified vulnerability related to the Security component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/94606 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
IBM CommonStore for Lotus Domino 8.4
IBM Content Collector 2.1 - 4.0
Product
| VRMF| Remediation/First Fix
—|—|—
IBM CommonStore for Lotus Domino| 8.4.0.0| Contact IBM Software Support for further assistance
IBM Content Collector | 2.1.0.0 - 2.1.1.4| Contact IBM Software Support for further assistance
IBM Content Collector| 2.2.0.0 - 2.2.0.5| Apply Fix Pack 2.2.0.6-ICC-FP006 and Interim Fix 2.2.0.5-IBM-ICC-NotesClient-IF001, available from Fix Central
IBM Content Collector| 3.0.0.0 - 3.0.0.5| Apply Fix Pack 3.0.0.6-ICC-FP006 and Interim Fix 3.0.0.5-IBM-ICC-NotesClient-IF001, available from Fix Central
IBM Content Collector | 4.0.0.0 - 4.0.0.2| Apply Fix Pack 4.0.0.3-ICC-FP003, available from Fix Central
None