IBM Java SE is vulnerable to directory traversal vulnerability. This occurs when extracting compressed dump files since the IBM SDK does not not protect against path traversal attacks.
CPE | Name | Operator | Version |
---|---|---|---|
java-1.8.0-ibm | eq | 1.8.0.4.1__1jpp.1.el6_8 | |
java-1.7.1-ibm | eq | 1.7.1.4.1__1jpp.1.el6_8 | |
java-1.7.1-ibm | eq | 1.7.1.3.40__1jpp.1.el6_7 |
www.ibm.com/support/docview.wss?uid=ibm10719653
www.securityfocus.com/bid/105118
www.securitytracker.com/id/1041765
access.redhat.com/errata/RHSA-2018:2568
access.redhat.com/errata/RHSA-2018:2569
access.redhat.com/errata/RHSA-2018:2575
access.redhat.com/errata/RHSA-2018:2576
access.redhat.com/errata/RHSA-2018:2712
access.redhat.com/errata/RHSA-2018:2713
access.redhat.com/security/updates/classification/#important
exchange.xforce.ibmcloud.com/vulnerabilities/144882
www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html