IBM Java SDK CVE-2018-1656 Directory Traversal Vulnerability
BID:105118
CVE-2018-1656 |Info
IBM Java SDK CVE-2018-1656 Directory Traversal Vulnerability
| Bugtraq ID: | 105118 |
| Class: | Unknown |
| CVE: |
CVE-2018-1656 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 16 2018 12:00AM |
| Updated: | Apr 18 2019 10:00AM |
| Credit: | IBM |
| Vulnerable: |
Redhat Satellite 5 Redhat Enterprise Linux 7 Redhat Enterprise Linux 6 Oracle Enterprise Manager Base Platform 13.3.0.0.0 Oracle Enterprise Manager Base Platform 13.2.0.0.0 IBM Java SDK 8 SR 5 FP 15 IBM Java SDK 8 SR 4 FP 5 IBM Java SDK 8 SR 4 FP 2 IBM Java SDK 8 SR 3 FP 10 IBM Java SDK 8 SR 3 IBM Java SDK 8 SR 2 IBM Java SDK 7R1 SR3-FP1 IBM Java SDK 7R1 SR3 FP50 IBM Java SDK 7R1 SR3 FP40 IBM Java SDK 7R1 SR3 FP30 IBM Java SDK 7R1 SR3 IBM Java SDK 7R1 SR2-FP10 IBM Java SDK 7R1 SR2 IBM Java SDK 7R1 SR1 IBM Java SDK 7R1 SR 4 FP 5 IBM Java SDK 7R1 SR 4 FP 25 IBM Java SDK 7R1 SR 4 FP 20 IBM Java SDK 7R1 SR 4 FP 15 IBM Java SDK 7R1 SR 4 FP 1 IBM Java SDK 7R1 SR 3 FP 50 IBM Java SDK 7R1 SR 3 FP 40 IBM Java SDK 7R1 SR 3 FP 20 IBM Java SDK 7R1 SR 3 FP 10 IBM Java SDK 7R1 SR 3 FP 1 IBM Java SDK 7 SR 9 FP 50 IBM Java SDK 7 SR 9 FP 40 IBM Java SDK 7 SR 9 FP 32 IBM Java SDK 7 SR 9 FP 20 IBM Java SDK 7 SR 9 FP 10 IBM Java SDK 7 SR 9 FP 1 IBM Java SDK 7 SR 10 FP 25 IBM Java SDK 7 SR 10 FP 20 IBM Java SDK 7 SR 10 FP 15 IBM Java SDK 7 SR 10 FP 1 IBM Java SDK 7 R1 IBM Java SDK 6R1 SR 8 FP 65 IBM Java SDK 6 SR 16 FP 65 IBM Java SDK 6 SR 16 FP 60 IBM Java SDK 6 SR 16 FP 55 IBM Java SDK 6 SR 16 FP 5 IBM Java SDK 6 SR 16 FP 45 IBM Java SDK 6 SR 16 FP 41 IBM Java SDK 6 SR 16 FP 30 IBM Java SDK 6 SR 16 FP 26 IBM Java SDK 6 SR 16 FP 25 IBM Java SDK 6 SR 16 FP 22 IBM Java SDK 6 SR 16 FP 15 |
| Not Vulnerable: |
IBM Java SDK 8 SR 5 FP 20 IBM Java SDK 7R1 SR 4 FP 30 IBM Java SDK 7 SR 10 FP 30 IBM Java SDK 6R1 SR 8 FP 70 IBM Java SDK 6 SR 16 FP 70 |
Discussion
IBM Java SDK CVE-2018-1656 Directory Traversal Vulnerability
IBM Java SDK is prone to a directory-traversal vulnerability.
A remote attacker could exploit the vulnerability using directory-traversal characters ('../') to access arbitrary files that contain sensitive information.
IBM Java SDK is prone to a directory-traversal vulnerability.
A remote attacker could exploit the vulnerability using directory-traversal characters ('../') to access arbitrary files that contain sensitive information.
Exploit / POC
IBM Java SDK CVE-2018-1656 Directory Traversal Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
IBM Java SDK CVE-2018-1656 Directory Traversal Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
IBM Java SDK CVE-2018-1656 Directory Traversal Vulnerability
References:
References:
- IBM Homepage (IBM)
- Bug 1618869 - (CVE-2018-1656) CVE-2018-1656 IBM JDK: path traversal flaw in the (Redhat)
- CVE-2018-1656 (Redhat)
- ibm10719653: Multiple vulnerabilities may affect IBM® SDK, Java�?� Technology Edit (IBM)
- IJ08248: FIX SECURITY VULNERABILITY CVE-2018-1656 (IBM)
- Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Db2. (IBM)
- Oracle Critical Patch Update Advisory - April 2019 (Oracle)