CVE-2018-1517

Published: Aug 20, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.

Affected (17)

Products: Ibm: Software Development Kit · Redhat: Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Workstation, Satellite

1 product

Software Development Kit

4 products

Enterprise Linux Desktop

Enterprise Linux Server

Enterprise Linux Workstation

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Ibm Software Development Kit	Version 6.0
Ibm Software Development Kit	Version 6 service_refresh_16
Ibm Software Development Kit	Version 6r1 service_refresh_8
Ibm Software Development Kit	Version 7.0
Ibm Software Development Kit	Version 7 service_refresh_10
Ibm Software Development Kit	Version 7r1 service_refresh_4
Ibm Software Development Kit	Version 8.0
Ibm Software Development Kit	Version 8 service_refresh_5

Configuration B

9 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Server	Version 6.0
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Workstation	Version 6.0
Redhat Enterprise Linux Workstation	Version 7.0
Redhat Satellite	Version 5.6
Redhat Satellite	Version 5.7
Redhat Satellite	Version 5.8

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (18)

http://www.ibm.com/support/docview.wss?uid=ibm10719653

Source: psirt@us.ibm.com

Vendor Advisory

http://www.securityfocus.com/bid/105117

Source: psirt@us.ibm.com

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2018:2568

Source: psirt@us.ibm.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2569

Source: psirt@us.ibm.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2575

Source: psirt@us.ibm.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2576

Source: psirt@us.ibm.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2712

Source: psirt@us.ibm.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2713

Source: psirt@us.ibm.com

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/141681

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

http://www.ibm.com/support/docview.wss?uid=ibm10719653

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/105117

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2018:2568

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2569

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2575

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2576

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2712

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2018:2713

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/141681

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

Timeline

No history available yet.