Oracle Java Runtime Environment JSSE denial of service

javaruntimeenvironment-jsse-dos (79435) The risk level is classified as MediumMedium Risk

Description:

An unspecified vulnerability in Oracle Java Runtime Environment related to JSSE could allow a remote attacker to cause a denial of service using unknown attack vectors.

*CVSS:

Base Score: 5
  Access Vector: Network
  Access Complexity: Low
  Authentication: None
  Confidentiality Impact: None
  Integrity Impact: None
  Availability Impact: Partial
 
Temporal Score: 3.7
  Exploitability: Unproven
  Remediation Level: Official-Fix
  Report Confidence: Confirmed

Consequences:

Denial of Service

Remedy:

Refer to Oracle Web site for patch, upgrade or suggested workaround information. See References.

For IBM:
Refer to IBM Security Bulletin 1626264 for patch, upgrade or suggested workaround information. See References.

For other distributions:
Apply the appropriate update for your system. See References.

References:

  • IBM APAR IO17899: UPGRADING ITDI JRE BECAUSE OF CVE-2012-5081 VULNERABILITY.
  • IBM Security Bulletin 1619418: Vulnerabilities in Rational Functional Tester versions 8.x due to security vulnerabilities in IBM JRE 7.0 Service Release 2 or earlier, and non-IBM Java 7.0.
  • IBM Security Bulletin 1620037: IBM Rational System Architect Security Vulnerability: Multiple security vulnerabilities in IBM JRE 6.
  • IBM Security Bulletin 1620575: Potential security exposure when using IBM InfoSphere Streams due to vulnerabilities in IBM Java SE Version 6 SDK.
  • IBM Security Bulletin 1621886: IBM Tivoli Federated Identity Manager can be affected by a vulnerability in IBM Java Runtime Environment (CVE-2012-5081).
  • IBM Security Bulletin 1621887: IBM Tivoli Federated Identity Manager Business Gateway can be affected by a vulnerability in IBM Java Runtime Environment (CVE-2012-5081).
  • IBM Security Bulletin 1626264: Multiple vulnerabilities in IBM Security AppScan Enterprise (CVE-2013-0532, CVE-2013-0510, CVE-2013-0512, CVE-2012-4431, CVE-2013-0513, CVE-2008-4033, CVE-2013-0474, CVE-2013-0511, CVE-2013-0473, CVE-2012-5081).
  • IBM Security Bulletin 1626504: Multiple vulnerabilities in IBM DB2 Performance Expert and IBM InfoSphere Optim Performance Manager due to vulnerabilities in IBM Java Runtime Environment (CVE-2012-1720, CVE-2012-5081).
  • IBM Security Bulletin 1626697: Multiple vulnerabilities in IBM Cognos BI 8.4.1,10.1, 10.1.1 and 10.2 (CVE-2011-3026, CVE-2011-4858, CVE-2012-0498, CVE-2012-2177, CVE-2012-2193, CVE-2012-4835, CVE-2012-4836, CVE-2012-4837, CVE-2012-4840, CVE-2012-4858, CVE-2012-5081).
  • IBM Security Bulletin 1627444: IBM InfoSphere Master Data Management Reference Data Management Hub affected by a vulnerability in the IBM JRE used by WebSphere Application Server (CVE-2012-5081).
  • IBM Security Bulletin 1631304: Multiple vulnerabilities in IBM Rational Policy Tester (CVE-2013-0532, CVE-2013-0512, CVE-2012-4431, CVE-2013-0513, CVE-2008-4033, CVE-2013-0474, CVE-2013-0473, CVE-2012-5081).
  • IBM Security Bulletin 1631323: CVSS5 TLS Issue Disclosed in the Summary Advisory for the Oracle October 2012 CPU (CVE-2012-5081).
  • IBM Security Bulletin 1631786: TADDM: Vulnerabilities in embedded JRE.
  • IBM Security Bulletin 1633918: The Java version bundled with IBM Cognos Express is susceptible to unspecified vulnerabilities in the Java Runtime Environment (JRE) (CVE-2012-0498 and CVE-2012-5081).
  • IBM Security Bulletin 1635864: IBM Operational Decision Manager and WebSphere ILOG JRules: Multiple security vulnerabilities in IBM JRE 6.0.
  • IBM Security Bulletin 1636462: The Java version bundled with IBM OpenPages GRC Platform version 6.2 is susceptible to multiple vulnerabilities in the Java Runtime Environment (JRE).
  • IBM Security Bulletin 1637519: IBM Rational Build Forge Java (CVE-2012-3216, CVE-2012-5077, CVE-2012-5073, CVE-2012-5074, CVE-2012-5083, CVE-2012-5072, CVE-2012-1531, CVE-2012-5081, CVE-2012-5069, CVE-2012-5079, CVE-2012-5088).
  • IBM Security Bulletin 1638108: Potential security vulnerabilities in RQM 4.x for the Oracle October 2012 and February 2013 CPU (CVE-2012-5081, CVE-2013-0437, CVE-2013-1478, CVE-2013-0440, CVE-2013-0443, CVE-2013-0169).
  • IBM Security Bulletin 1639328: Vulnerabilities in Rational Software Architect Design Manager, Rhapsody Design Manager (CVE-2012-5081, CVE-2013-0440, CVE-2013-0443).
  • IBM Security Bulletin 1639487: Vulnerability in IBM InfoSphere Information Server due to issues in IBM Java SDK (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169, CVE-2012-1717, CVE-2012-1718, CVE-2012-5081).
  • IBM Security Bulletin 1639549: Potential security vulnerabilities in RTC 4.x for the Oracle October 2012 and February 2013 CPU (CVE-2012-5081, CVE-2013-0437, CVE-2013-1478, CVE-2013-0440, CVE-2013-0443, CVE-2013-0169).
  • IBM Security Bulletin 1639736: Potential security vulnerabilities in Rational Requirements Composer 4.x for the Oracle October 2012 and February 2013 CPU (CVE-2012-5081, CVE-2013-0440, CVE-2013-0443, CVE-2013-0169).
  • IBM Security Bulletin 1655075: Potential security vulnerability exist in the IBM Java SDK's TLS implementation that is shipped with Tivoli Netcool/OMNIbus Web GUI (CVE-2012-5081).
  • IBM Security Bulletin 1657767: Security Bulletin: Multiple Security vulnerability fix for IBM Tivoli Storage Manager Administration Center (CVE-2012-5081, CVE-2013-0169, CVE-2013-0443)..
  • IBM Security Bulletin 4035073: Download IBM Java SDK fixes, Security Bulletins CVE-2013-0440, CVE-2013-0443, CVE-2013-0169, CVE-2012-1717, CVE-2012-1718, CVE-2012-5081.
  • Oracle Web site: Oracle Java SE Critical Patch Update Advisory - October 2012.
  • CVE-2012-5081: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE.
  • RHSA-2012-1384: Critical: java-1.6.0-openjdk security update
  • RHSA-2012-1385: Important: java-1.6.0-openjdk security update
  • RHSA-2012-1386: Important: java-1.7.0-openjdk security update
  • RHSA-2012-1391: Critical: java-1.7.0-oracle security update
  • RHSA-2012-1392: Critical: java-1.6.0-sun security update
  • RHSA-2012-1465: Critical: java-1.5.0-ibm security update
  • RHSA-2012-1466: Critical: java-1.6.0-ibm security update
  • RHSA-2012-1467: Critical: java-1.7.0-ibm security update
  • RHSA-2012-1485: Critical: java-1.4.2-ibm security update
  • RHSA-2013-1455: Low: Red Hat Network Satellite server IBM Java Runtime security update
  • RHSA-2013-1456: Low: Red Hat Network Satellite server IBM Java Runtime security update
  • SA50949: Oracle Java Multiple Vulnerabilities
  • SA51141: Hitachi Cosminexus Java Multiple Vulnerabilities
  • SA52009: IBM Tivoli Directory Integrator JSSE Denial of Service Vulnerability
  • SA52402: IBM Multiple Products Java Two Vulnerabilities
  • SA52491: IBM Cognos Business Intelligence Multiple Vulnerabilities
  • SA52765: IBM Rational Policy Tester Multiple Vulnerabilities
  • SA53066: IBM QRadar Products Java Denial of Service Vulnerability
  • SA53238: IBM Cognos Express Two Vulnerabilities
  • SA53289: IBM Tivoli Federated Identity Manager Business Gateway Java Denial of Service Vulnerability

Platforms Affected:

  • IBM Cognos Business Intelligence 10.1
  • IBM Cognos Business Intelligence 10.1.1
  • IBM Cognos Business Intelligence 10.2
  • IBM Cognos Business Intelligence 8.4.1
  • IBM Cognos Express 10.1
  • IBM DB2 Performance Expert for Linux, UNIX, and Windows 3.2
  • IBM DB2 Performance Expert for Linux, UNIX, and Windows 3.2.3
  • IBM DB2 Performance Expert for Multiplatforms 3.1
  • IBM DB2 Performance Expert for Multiplatforms 3.1.1
  • IBM DB2 Performance Expert for Multiplatforms 3.1.2
  • IBM InfoSphere Information Server 8.0
  • IBM InfoSphere Information Server 8.1
  • IBM InfoSphere Information Server 8.5
  • IBM InfoSphere Information Server 8.7
  • IBM InfoSphere Information Server 9.1
  • IBM InfoSphere Master Data Management Reference Data Management Hub 10.0
  • IBM InfoSphere Master Data Management Reference Data Management Hub 10.1
  • IBM InfoSphere Optim Performance Manager 5.1
  • IBM InfoSphere Optim Performance Manager 5.1.1.1
  • IBM InfoSphere Optim Performance Manager 5.2
  • IBM InfoSphere Streams 1.2
  • IBM InfoSphere Streams 2.0
  • IBM InfoSphere Streams 3.0
  • IBM Java SDK 1.4.2
  • IBM Java SDK 5.0
  • IBM Java SDK 6.0
  • IBM Java SDK 7.0
  • IBM OpenPages GRC Platform 6.2.1
  • IBM Optim Performance Manager for DB2 on Linux, UNIX, and Windows 4.1.0.1
  • IBM Optim Performance Manager for DB2 on Linux, UNIX, and Windows 4.1.1
  • IBM QRadar Risk Manager 7.1
  • IBM QRadar Security Information and Event Manager (SIEM) 7.1
  • IBM Rational Appscan 5.2 Enterprise
  • IBM Rational Appscan 8.0.0 Enterprise
  • IBM Rational Appscan 8.5.0 Enterprise
  • IBM Rational Build Forge 8.0
  • IBM Rational Functional Tester 8.0
  • IBM Rational Functional Tester 8.1
  • IBM Rational Functional Tester 8.2
  • IBM Rational Functional Tester 8.3
  • IBM Rational Policy Tester 5.2
  • IBM Rational Policy Tester 8.0
  • IBM Rational Quality Manager 4.0.3
  • IBM Rational Requirements Composer 4.0
  • IBM Rational Software Architect Design Manager 3.0
  • IBM Rational Software Architect Design Manager 3.0.0.1
  • IBM Rational Software Architect Design Manager 3.0.1
  • IBM Rational Software Architect Design Manager 4.0
  • IBM Rational Software Architect Design Manager 4.0.1
  • IBM Rational Software Architect Design Manager 4.0.2
  • IBM Rational System Architect 11.0
  • IBM Rational System Architect 11.1
  • IBM Rational System Architect 11.2
  • IBM Rational System Architect 11.3
  • IBM Rational System Architect 11.4
  • IBM Rational Team Concert 4.0.2
  • IBM Rhapsody Design Manager 3.0
  • IBM Rhapsody Design Manager 3.0.0.1
  • IBM Rhapsody Design Manager 3.0.1
  • IBM Rhapsody Design Manager 4.0
  • IBM Rhapsody Design Manager 4.0.1
  • IBM Rhapsody Design Manager 4.0.2
  • IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1
  • IBM Tivoli Directory Integrator 6.0
  • IBM Tivoli Directory Integrator 7.0
  • IBM Tivoli Federated Identity Manager 6.0
  • IBM Tivoli Federated Identity Manager 6.1
  • IBM Tivoli Federated Identity Manager 6.1.1
  • IBM Tivoli Federated Identity Manager 6.2
  • IBM Tivoli Federated Identity Manager 6.2.1
  • IBM Tivoli Federated Identity Manager 6.2.2
  • IBM Tivoli Federated Identity Manager Business Gateway 6.1.1
  • IBM Tivoli Federated Identity Manager Business Gateway 6.2.0
  • IBM Tivoli Federated Identity Manager Business Gateway 6.2.1
  • IBM Tivoli Federated Identity Manager Business Gateway 6.2.2
  • IBM Tivoli Netcool/OMNIbus Web GUI 7.3.0
  • IBM Tivoli Netcool/OMNIbus Web GUI 7.3.1
  • IBM Tivoli Netcool/OMNIbus Web GUI 7.4.0
  • IBM Tivoli Storage Manager 6.1
  • IBM Tivoli Storage Manager 6.2
  • IBM Tivoli Storage Manager 6.3
  • IBM WebSphere ILOG JRules 7.1.1
  • IBM WebSphere Operational Decision Manager 7.5
  • IBM WebSphere Operational Decision Manager 8.0.1
  • Oracle JDK 1.1.5.0 Update36
  • Oracle JDK 1.1.6.0 Update32
  • Oracle JDK 1.1.6.0 Update35
  • Oracle JDK 1.1.6.0 Update34
  • Oracle JDK 1.1.6.0 Update33
  • Oracle JDK 1.1.6.0 Update31
  • Oracle JDK 1.1.6.0 Update30
  • Oracle JDK 1.1.6.0 Update29
  • Oracle JDK 1.1.6.0 Update27
  • Oracle JDK 1.1.6.0 Update26
  • Oracle JDK 1.1.6.0 Update25
  • Oracle JDK 1.1.6.0 Update22
  • Oracle JDK 1.1.6.0 Update23
  • Oracle JDK 1.1.6.0 Update24
  • Oracle JDK 1.4.2_38
  • Oracle JDK 1.7.0 Update4
  • Oracle JDK 1.7.0 Update6
  • Oracle JDK 1.7.0 Update7
  • Oracle JDK 1.7.0 Update5
  • Oracle JDK 1.7.0 Update3
  • Oracle JDK 1.7.0 Update2
  • Oracle JDK 1.7.0 Update1
  • Oracle JDK 1.7.0
  • Oracle JRE 1.1.5.0 Update36
  • Oracle JRE 1.1.6.0 Update22
  • Oracle JRE 1.1.6.0 Update23
  • Oracle JRE 1.1.6.0 Update24
  • Oracle JRE 1.1.6.0 Update25
  • Oracle JRE 1.1.6.0 Update26
  • Oracle JRE 1.1.6.0 Update27
  • Oracle JRE 1.1.6.0 Update29
  • Oracle JRE 1.1.6.0 Update30
  • Oracle JRE 1.1.6.0 Update32
  • Oracle JRE 1.1.6.0 Update31
  • Oracle JRE 1.1.6.0 Update33
  • Oracle JRE 1.1.6.0 Update34
  • Oracle JRE 1.1.6.0 Update35
  • Oracle JRE 1.4.2_38
  • Oracle JRE 1.7.0 Update1
  • Oracle JRE 1.7.0 Update2
  • Oracle JRE 1.7.0 Update4
  • Oracle JRE 1.7.0 Update6
  • Oracle JRE 1.7.0 Update5
  • Oracle JRE 1.7.0 Update7
  • Oracle JRE 1.7.0
  • Oracle JRE 1.7.0 Update3
  • RedHat Enterprise Linux 5
  • RedHat Enterprise Linux 5 Client
  • RedHat Enterprise Linux 6 Workstation
  • RedHat Enterprise Linux 6 Server
  • RedHat Enterprise Linux Desktop 6
  • RedHat Enterprise Linux Desktop Supplementary 6
  • RedHat Enterprise Linux HPC Node 6
  • RedHat Enterprise Linux HPC Node Supplementary 6
  • RedHat Enterprise Linux Server Supplementary 6
  • RedHat Enterprise Linux Workstation Supplementary 6
  • RedHat RHEL Desktop Supplementary 5 Client
  • RedHat RHEL Supplementary 5 Server
  • Sun JDK 1.1.5.0
  • Sun JDK 1.1.5.0 Update2
  • Sun JDK 1.1.5.0 Update23
  • Sun JDK 1.1.5.0 Update24
  • Sun JDK 1.1.5.0 Update25
  • Sun JDK 1.1.5.0 Update26
  • Sun JDK 1.1.5.0 Update27
  • Sun JDK 1.1.5.0 Update7b03
  • Sun JDK 1.1.5.0 Update11b03
  • Sun JDK 1.1.5.0 Update28
  • Sun JDK 1.1.5.0 Update29
  • Sun JDK 1.1.5.0 Update31
  • Sun JDK 1.1.5.0 Update33
  • Sun JDK 1.1.5.0 Update12
  • Sun JDK 1.1.5.0 Update11
  • Sun JDK 1.1.5.0 Update10
  • Sun JDK 1.1.5.0 Update9
  • Sun JDK 1.1.5.0 Update8
  • Sun JDK 1.1.5.0 Update7
  • Sun JDK 1.1.5.0 Update6
  • Sun JDK 1.1.5.0 Update5
  • Sun JDK 1.1.5.0 Update4
  • Sun JDK 1.1.5.0 Update3
  • Sun JDK 1.1.5.0 Update1
  • Sun JDK 1.1.5.0 Update13
  • Sun JDK 1.1.5.0 Update14
  • Sun JDK 1.1.5.0 Update15
  • Sun JDK 1.1.5.0 Update16
  • Sun JDK 1.1.5.0 Update17
  • Sun JDK 1.1.5.0 Update18
  • Sun JDK 1.1.5.0 Update19
  • Sun JDK 1.1.5.0 Update20
  • Sun JDK 1.1.5.0 Update21
  • Sun JDK 1.1.5.0 Update22
  • Sun JDK 1.1.6.0 Update6
  • Sun JDK 1.1.6.0 Update7
  • Sun JDK 1.1.6.0 Update10
  • Sun JDK 1.1.6.0 Update11
  • Sun JDK 1.1.6.0 Update12
  • Sun JDK 1.1.6.0 Update13
  • Sun JDK 1.1.6.0 Update14
  • Sun JDK 1.1.6.0 Update15
  • Sun JDK 1.1.6.0 Update16
  • Sun JDK 1.1.6.0 Update1
  • Sun JDK 1.1.6.0 Update17
  • Sun JDK 1.1.6.0 Update1b06
  • Sun JDK 1.1.6.0 Update18
  • Sun JDK 1.1.6.0 Update19
  • Sun JDK 1.1.6.0 Update2
  • Sun JDK 1.1.6.0 Update3
  • Sun JDK 1.1.6.0 Update4
  • Sun JDK 1.1.6.0 Update5
  • Sun JDK 1.1.6.0.200 Update20
  • Sun JDK 1.1.6.0.210 Update21
  • Sun JDK 1.4.2
  • Sun JDK 1.4.2_1
  • Sun JDK 1.4.2_10
  • Sun JDK 1.4.2_11
  • Sun JDK 1.4.2_12
  • Sun JDK 1.4.2_13
  • Sun JDK 1.4.2_14
  • Sun JDK 1.4.2_15
  • Sun JDK 1.4.2_16
  • Sun JDK 1.4.2_17
  • Sun JDK 1.4.2_18
  • Sun JDK 1.4.2_19
  • Sun JDK 1.4.2_2
  • Sun JDK 1.4.2_22
  • Sun JDK 1.4.2_23
  • Sun JDK 1.4.2_25
  • Sun JDK 1.4.2_26
  • Sun JDK 1.4.2_27
  • Sun JDK 1.4.2_28
  • Sun JDK 1.4.2_29
  • Sun JDK 1.4.2_3
  • Sun JDK 1.4.2_30
  • Sun JDK 1.4.2_31
  • Sun JDK 1.4.2_32
  • Sun JDK 1.4.2_33
  • Sun JDK 1.4.2_34
  • Sun JDK 1.4.2_35
  • Sun JDK 1.4.2_36
  • Sun JDK 1.4.2_37
  • Sun JDK 1.4.2_4
  • Sun JDK 1.4.2_5
  • Sun JDK 1.4.2_6
  • Sun JDK 1.4.2_7
  • Sun JDK 1.4.2_8
  • Sun JDK 1.4.2_9
  • Sun JRE 1.1.5.0 Update7
  • Sun JRE 1.1.5.0 Update11
  • Sun JRE 1.1.5.0 Update18
  • Sun JRE 1.1.5.0 Update19
  • Sun JRE 1.1.5.0 Update20
  • Sun JRE 1.1.5.0 Update21
  • Sun JRE 1.1.5.0 Update33
  • Sun JRE 1.1.5.0 Update28
  • Sun JRE 1.1.5.0 Update31
  • Sun JRE 1.1.5.0 Update29
  • Sun JRE 1.1.5.0 Update27
  • Sun JRE 1.1.5.0 Update26
  • Sun JRE 1.1.5.0 Update25
  • Sun JRE 1.1.5.0 Update24
  • Sun JRE 1.1.5.0 Update23
  • Sun JRE 1.1.5.0 Update22
  • Sun JRE 1.1.5.0 Update17
  • Sun JRE 1.1.5.0 Update16
  • Sun JRE 1.1.5.0 Update15
  • Sun JRE 1.1.5.0 Update14
  • Sun JRE 1.1.5.0 Update2
  • Sun JRE 1.1.5.0 Update9
  • Sun JRE 1.1.5.0 Update3
  • Sun JRE 1.1.5.0 Update12
  • Sun JRE 1.1.5.0 Update10
  • Sun JRE 1.1.5.0 Update8
  • Sun JRE 1.1.5.0 Update13
  • Sun JRE 1.1.5.0
  • Sun JRE 1.1.5.0 Update6
  • Sun JRE 1.1.5.0 Update1
  • Sun JRE 1.1.5.0 Update4
  • Sun JRE 1.1.5.0 Update5
  • Sun JRE 1.1.6.0 Update14
  • Sun JRE 1.1.6.0 Update21
  • Sun JRE 1.1.6.0 Update12
  • Sun JRE 1.1.6.0 Update11
  • Sun JRE 1.1.6.0 Update10
  • Sun JRE 1.1.6.0 Update7
  • Sun JRE 1.1.6.0 Update6
  • Sun JRE 1.1.6.0 Update5
  • Sun JRE 1.1.6.0 Update4
  • Sun JRE 1.1.6.0 Update3
  • Sun JRE 1.1.6.0 Update1
  • Sun JRE 1.1.6.0 Update2
  • Sun JRE 1.1.6.0 Update17
  • Sun JRE 1.1.6.0 Update20
  • Sun JRE 1.1.6.0 Update19
  • Sun JRE 1.1.6.0 Update18
  • Sun JRE 1.1.6.0
  • Sun JRE 1.1.6.0 Update16
  • Sun JRE 1.1.6.0 Update15
  • Sun JRE 1.1.6.0 Update13
  • Sun JRE 1.4.2_1
  • Sun JRE 1.4.2_10
  • Sun JRE 1.4.2_11
  • Sun JRE 1.4.2_12
  • Sun JRE 1.4.2_13
  • Sun JRE 1.4.2_14
  • Sun JRE 1.4.2_15
  • Sun JRE 1.4.2_16
  • Sun JRE 1.4.2_17
  • Sun JRE 1.4.2_18
  • Sun JRE 1.4.2_19
  • Sun JRE 1.4.2_2
  • Sun JRE 1.4.2_20
  • Sun JRE 1.4.2_21
  • Sun JRE 1.4.2_22
  • Sun JRE 1.4.2_23
  • Sun JRE 1.4.2_24
  • Sun JRE 1.4.2_25
  • Sun JRE 1.4.2_26
  • Sun JRE 1.4.2_27
  • Sun JRE 1.4.2_28
  • Sun JRE 1.4.2_29
  • Sun JRE 1.4.2_3
  • Sun JRE 1.4.2_30
  • Sun JRE 1.4.2_31
  • Sun JRE 1.4.2_32
  • Sun JRE 1.4.2_33
  • Sun JRE 1.4.2_34
  • Sun JRE 1.4.2_35
  • Sun JRE 1.4.2_36
  • Sun JRE 1.4.2_37
  • Sun JRE 1.4.2_4
  • Sun JRE 1.4.2_5
  • Sun JRE 1.4.2_6
  • Sun JRE 1.4.2_7
  • Sun JRE 1.4.2_8
  • Sun JRE 1.4.2_9

Reported:

Oct 17, 2012

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page

* According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall IBM be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

About IBM Internet Security Systems

IBM Internet Security Systems is a trusted security advisor to thousands of the world's leading businesses and governments, helping to provide pre-emptive protection for networks, desktops and servers. The IBM Proventia? integrated security platform is designed to automatically protect against both known and unknown threats, helping to keep networks up and running and shield customers from online attacks before they impact business assets. IBM Internet Security Systems products and services are based on the proactive security intelligence of its X-Force? research and development team ? an unequivocal world authority in vulnerability and threat research. The IBM Internet Security Systems product line is also complemented by comprehensive Managed Security Services and Professional Security Services. For more information, visit the IBM Internet Security Systems Web site at www.iss.net or call 800-776-2362.