Vulnerability CVE-2018-1517


Published: 2018-08-20

Description:
A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Redhat -> Satellite 
Redhat -> Enterprise linux desktop 
Redhat -> Enterprise linux server 
Redhat -> Enterprise linux workstation 
IBM -> SDK 
IBM -> Software development kit 

 References:
http://www.ibm.com/support/docview.wss?uid=ibm10719653
http://www.securityfocus.com/bid/105117
https://access.redhat.com/errata/RHSA-2018:2568
https://access.redhat.com/errata/RHSA-2018:2569
https://access.redhat.com/errata/RHSA-2018:2575
https://access.redhat.com/errata/RHSA-2018:2576
https://access.redhat.com/errata/RHSA-2018:2712
https://access.redhat.com/errata/RHSA-2018:2713
https://exchange.xforce.ibmcloud.com/vulnerabilities/141681

Copyright 2024, cxsecurity.com

 

Back to Top