CVE-2018-1517

A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
Affected Products (NVD)
VendorProductVersion
ibmsoftware_development_kit
6.0
ibmsoftware_development_kit
7.0
ibmsoftware_development_kit
8.0
redhatsatellite
5.6
redhatsatellite
5.7
redhatsatellite
5.8
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_server
7.0
redhatenterprise_linux_workstation
6.0
redhatenterprise_linux_workstation
7.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ibm-java80
bionic
Fixed 8.0.5.22-0ubuntu1
released
cosmic
dne
trusty
dne
xenial
Fixed 8.0.5.22-0ubuntu1
released
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.7.1-ibm
RHEL 6
1:1.7.1.4.30-1jpp.2.el6_10
fixed
RHEL 7
1:1.7.1.4.30-1jpp.1.el7
fixed
java-1.7.1-ibm-demo
RHEL 6
1:1.7.1.4.30-1jpp.2.el6_10
fixed
RHEL 7
1:1.7.1.4.30-1jpp.1.el7
fixed
java-1.7.1-ibm-devel
RHEL 6
1:1.7.1.4.30-1jpp.2.el6_10
fixed
RHEL 7
1:1.7.1.4.30-1jpp.1.el7
fixed
java-1.7.1-ibm-jdbc
RHEL 6
1:1.7.1.4.30-1jpp.2.el6_10
fixed
RHEL 7
1:1.7.1.4.30-1jpp.1.el7
fixed
java-1.7.1-ibm-plugin
RHEL 6
1:1.7.1.4.30-1jpp.2.el6_10
fixed
RHEL 7
1:1.7.1.4.30-1jpp.1.el7
fixed
java-1.7.1-ibm-src
RHEL 6
1:1.7.1.4.30-1jpp.2.el6_10
fixed
RHEL 7
1:1.7.1.4.30-1jpp.1.el7
fixed
java-1.8.0-ibm
RHEL 6
1:1.8.0.5.20-1jpp.1.el6_10
fixed
RHEL 7
1:1.8.0.5.20-1jpp.1.el7
fixed
java-1.8.0-ibm-demo
RHEL 6
1:1.8.0.5.20-1jpp.1.el6_10
fixed
RHEL 7
1:1.8.0.5.20-1jpp.1.el7
fixed
java-1.8.0-ibm-devel
RHEL 6
1:1.8.0.5.20-1jpp.1.el6_10
fixed
RHEL 7
1:1.8.0.5.20-1jpp.1.el7
fixed
java-1.8.0-ibm-jdbc
RHEL 6
1:1.8.0.5.20-1jpp.1.el6_10
fixed
RHEL 7
1:1.8.0.5.20-1jpp.1.el7
fixed
java-1.8.0-ibm-plugin
RHEL 6
1:1.8.0.5.20-1jpp.1.el6_10
fixed
RHEL 7
1:1.8.0.5.20-1jpp.1.el7
fixed
java-1.8.0-ibm-src
RHEL 6
1:1.8.0.5.20-1jpp.1.el6_10
fixed
RHEL 7
1:1.8.0.5.20-1jpp.1.el7
fixed
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=ibm10719653
http://www.securityfocus.com/bid/105117
https://access.redhat.com/errata/RHSA-2018:2568
https://access.redhat.com/errata/RHSA-2018:2569
https://access.redhat.com/errata/RHSA-2018:2575
https://access.redhat.com/errata/RHSA-2018:2576
https://access.redhat.com/errata/RHSA-2018:2712
https://access.redhat.com/errata/RHSA-2018:2713
https://exchange.xforce.ibmcloud.com/vulnerabilities/141681
http://www.ibm.com/support/docview.wss?uid=ibm10719653
http://www.securityfocus.com/bid/105117
https://access.redhat.com/errata/RHSA-2018:2568
https://access.redhat.com/errata/RHSA-2018:2569
https://access.redhat.com/errata/RHSA-2018:2575
https://access.redhat.com/errata/RHSA-2018:2576
https://access.redhat.com/errata/RHSA-2018:2712
https://access.redhat.com/errata/RHSA-2018:2713
https://exchange.xforce.ibmcloud.com/vulnerabilities/141681