CVE-2018-1517: Input Validation
First published: Thu Aug 16 2018(Updated: )
A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Software Development Kit | =6-service_refresh_16 | |
| Ibm Software Development Kit | =6.0 | |
| Ibm Software Development Kit | =6r1-service_refresh_8 | |
| Ibm Software Development Kit | =7-service_refresh_10 | |
| Ibm Software Development Kit | =7.0 | |
| Ibm Software Development Kit | =7r1-service_refresh_4 | |
| Ibm Software Development Kit | =8-service_refresh_5 | |
| Ibm Software Development Kit | =8.0 | |
| Redhat Satellite | =5.6 | |
| Redhat Satellite | =5.7 | |
| Redhat Satellite | =5.8 | |
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Desktop | =7.0 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Server | =7.0 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Redhat Enterprise Linux Workstation | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.ibm.com/support/docview.wss?uid=ibm10719653
- http://www.securityfocus.com/bid/105117
- https://access.redhat.com/errata/RHSA-2018:2568
- https://access.redhat.com/errata/RHSA-2018:2569
- https://access.redhat.com/errata/RHSA-2018:2575
- https://access.redhat.com/errata/RHSA-2018:2576
- https://access.redhat.com/errata/RHSA-2018:2712
- https://access.redhat.com/errata/RHSA-2018:2713
- https://exchange.xforce.ibmcloud.com/vulnerabilities/141681
- https://www-01.ibm.com/support/docview.wss?uid=ibm10719653
- https://developer.ibm.com/javasdk/support/security-vulnerabilities/#IBM_Security_Update_August_2018
- https://bugzilla.redhat.com/show_bug.cgi?id=1618871
- collector/nvd-index
- agent/type
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2018-1517
- agent/softwarecombine
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm software development kit
- version/ibm software development kit/6-service_refresh_16
- version/ibm software development kit/6.0
- version/ibm software development kit/6r1-service_refresh_8
- version/ibm software development kit/7-service_refresh_10
- version/ibm software development kit/7.0
- version/ibm software development kit/7r1-service_refresh_4
- version/ibm software development kit/8-service_refresh_5
- version/ibm software development kit/8.0
- vendor/redhat
- canonical/redhat satellite
- version/redhat satellite/5.6
- version/redhat satellite/5.7
- version/redhat satellite/5.8
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- version/redhat enterprise linux workstation/7.0