IBM Support

IV62625: FIX SECURITY VULNERABILITY CVE-2014-4252

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Error Message: N/A
    .
    Stack Trace: N/A
    .
    

Local fix

Problem summary

  • A security vulnerability has been identified.
    

Problem conclusion

  • The Java Runtime Environment has been updated to fix the problem
    described in CVE-2014-4252 at
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4252.
    .
    This APAR will be fixed in the following Java Releases:
       7 R1 SR1 FP1   (7.1.1.1)
       7    SR7 FP1   (7.0.7.1)
       6 R1 SR8 FP1   (6.1.8.1)
       6    SR16 FP1  (6.0.16.1)
       5.0  SR16 FP7  (5.0.16.7)
    .
    Contact your IBM Product's Service Team for these Service
    Refreshes and Fix Packs.
    For those running stand-alone, Java maintenance is available
    from:
               https://www.ibm.com/developerworks/java/jdk/
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV62625

  • Reported component name

    JAVA 5 CLASS LI

  • Reported component ID

    620500130

  • Reported release

    500

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2014-07-17

  • Closed date

    2014-07-17

  • Last modified date

    2014-07-17

  • APAR is sysrouted FROM one or more of the following:

    IV62624

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    JAVA 5 CLASS LI

  • Fixed component ID

    620500130

Applicable component levels

  • R500 PSY

       UP

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSCVQ3Y","label":"Java Class Libraries"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.0","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
17 July 2014