java-1.8.0-ibm is vulnerable to privilege escalation attacks. The vulnerability exists as a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges.
CPE | Name | Operator | Version |
---|---|---|---|
java-1.8.0-ibm | eq | 1.8.0.4.1__1jpp.1.el6_8 | |
java-1.7.1-ibm | eq | 1.7.1.3.40__1jpp.1.el6_7 | |
java-1.7.1-ibm | eq | 1.7.1.4.1__1jpp.1.el6_8 |
www.ibm.com/support/docview.wss?uid=isg3T1027315
www.ibm.com/support/docview.wss?uid=swg22014937
www.securityfocus.com/bid/103216
www.securitytracker.com/id/1040403
access.redhat.com/errata/RHSA-2018:0352
access.redhat.com/errata/RHSA-2018:1463
access.redhat.com/security/cve/CVE-2018-1417
access.redhat.com/security/updates/classification/#critical
developer.ibm.com/javasdk/support/security-vulnerabilities/
exchange.xforce.ibmcloud.com/vulnerabilities/138823
www.ibm.com/support/docview.wss?uid=swg22012965