IBM Java SDK CVE-2017-1289 XML External Entity Injection Vulnerability

IBM Java SDK is prone to an XML External Entity injection vulnerability.

Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service condition.

The following versions are vulnerable:

IBM Java SDK 6 Service Refresh 16 Fix Pack 41 and prior.
IBM Java SDK 6R1 Service Refresh 8 Fix Pack 41 and prior.
IBM Java SDK 7 Service Refresh 10 Fix Pack 1 and prior.
IBM Java SDK 7R1 Service Refresh 4 Fix Pack 1 and prior.
IBM Java SDK 8 Service Refresh 4 Fix Pack 2 and prior.


 

Privacy Statement
Copyright 2010, SecurityFocus