There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 6.0
that is used by IBM Content Classification. These issues were disclosed as part of the IBM Java SDK updates in April 2016.
CVEID: CVE-2016-3443**
DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the 2D component has complete confidentiality impact, complete integrity impact, and complete availability impact.
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/112452 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVEID: CVE-2016-3422**
DESCRIPTION:** An unspecified vulnerability in Oracle Java SE related to the 2D component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/112454 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
IBM Content Classification 8.8
Download iFix 6 for Content Classification 8.8 from Fix Central. For instructions, see:
<http://www.ibm.com/support/docview.wss?uid=swg24042294>
None