IBM Java SDK CVE-2018-1517 Denial of Service Vulnerability

Bugtraq ID:	105117
Class:	Unknown
CVE:	CVE-2018-1517
Remote:	Yes
Local:	No
Published:	Aug 16 2018 12:00AM
Updated:	Aug 16 2018 12:00AM
Credit:	Michael Weissbacher
Vulnerable:	Redhat Satellite 5 Redhat Enterprise Linux 7 Redhat Enterprise Linux 6 + Trustix Secure Enterprise Linux 2.0 + Trustix Secure Linux 2.2 + Trustix Secure Linux 2.1 + Trustix Secure Linux 2.0 IBM Java SDK 8 SR 5 FP 15 IBM Java SDK 7R1 SR 4 FP 25 IBM Java SDK 7 SR 10 FP 25 IBM Java SDK 6R1 SR 8 FP 65 IBM Java SDK 6 SR 16 FP 65
Not Vulnerable:	IBM Java SDK 8 SR 5 FP 20 IBM Java SDK 7R1 SR 4 FP 30 IBM Java SDK 7 SR 10 FP 30 IBM Java SDK 6R1 SR 8 FP 70 IBM Java SDK 6 SR 16 FP 70

IBM Java SDK CVE-2018-1517 Denial of Service Vulnerability

IBM Java SDK is prone to denial-of-service vulnerability.

An attacker can exploit this issue to cause denial-of-service condition.

IBM Java SDK CVE-2018-1517 Denial of Service Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

IBM Java SDK CVE-2018-1517 Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

IBM Java SDK CVE-2018-1517 Denial of Service Vulnerability

References:

• IBM Homepage (IBM)
  
• Bug 1618871 - (CVE-2018-1517) CVE-2018-1517 IBM JDK: DoS in the java.math compo (Redhat)
  
• CVE-2018-1517 (Redhat)
  
• ibm10719653: Multiple vulnerabilities may affect IBM® SDK, Java�?� Technology Edit (IBM)