Vulnerability Details CVE-2018-1517
A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.7%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 5.0
References
- http://www.ibm.com/support/docview.wss?uid=ibm10719653
- http://www.securityfocus.com/bid/105117
- https://access.redhat.com/errata/RHSA-2018:2568
- https://access.redhat.com/errata/RHSA-2018:2569
- https://access.redhat.com/errata/RHSA-2018:2575
- https://access.redhat.com/errata/RHSA-2018:2576
- https://access.redhat.com/errata/RHSA-2018:2712
- https://access.redhat.com/errata/RHSA-2018:2713
- https://exchange.xforce.ibmcloud.com/vulnerabilities/141681
- http://www.ibm.com/support/docview.wss?uid=ibm10719653
- http://www.securityfocus.com/bid/105117
- https://access.redhat.com/errata/RHSA-2018:2568
- https://access.redhat.com/errata/RHSA-2018:2569
- https://access.redhat.com/errata/RHSA-2018:2575
- https://access.redhat.com/errata/RHSA-2018:2576
- https://access.redhat.com/errata/RHSA-2018:2712
- https://access.redhat.com/errata/RHSA-2018:2713
- https://exchange.xforce.ibmcloud.com/vulnerabilities/141681
Products affected by CVE-2018-1517
-
cpe:2.3:a:ibm:software_development_kit:6
-
cpe:2.3:a:ibm:software_development_kit:6.0
-
cpe:2.3:a:ibm:software_development_kit:6r1
-
cpe:2.3:a:ibm:software_development_kit:7
-
cpe:2.3:a:ibm:software_development_kit:7.0
-
cpe:2.3:a:ibm:software_development_kit:7r1
-
cpe:2.3:a:ibm:software_development_kit:8
-
cpe:2.3:a:ibm:software_development_kit:8.0
-
cpe:2.3:a:redhat:satellite:5.6
-
cpe:2.3:a:redhat:satellite:5.7
-
cpe:2.3:a:redhat:satellite:5.8
-
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
-
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
-
cpe:2.3:o:redhat:enterprise_linux_server:6.0
-
cpe:2.3:o:redhat:enterprise_linux_server:7.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0