Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Java_sdk | Ibm | 6.0.0.0 (including) | 6.0.0.0 (including) |
Java_sdk | Ibm | 6.1.0.0 (including) | 6.1.0.0 (including) |
Java_sdk | Ibm | 7.0.0.0 (including) | 7.0.0.0 (including) |
Java_sdk | Ibm | 7.1.0.0 (including) | 7.1.0.0 (including) |
Java_sdk | Ibm | 8.0.0.0 (including) | 8.0.0.0 (including) |
Red Hat Enterprise Linux 6 Supplementary | RedHat | java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9 | * |
Red Hat Enterprise Linux 6 Supplementary | RedHat | java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9 | * |
Red Hat Enterprise Linux 7 Supplementary | RedHat | java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el7 | * |
Red Hat Enterprise Linux 7 Supplementary | RedHat | java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7 | * |
Red Hat Satellite 5.8 | RedHat | java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9 | * |