CVE-2018-1517

Description

A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. IBM X-Force ID: 141681.

Risk Information

Base Score: 7.5 MODERATE
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score (Exploitation Probability): 0.588

Associated Vulnerability

Vulnerability | OS Platform
Multiple Vulnerabilities are affected in IBM Cognos Controller 10.2.0 | Windows
Multiple Vulnerabilities are affected in IBM Cognos Controller 10.2.1 | Windows
Multiple Vulnerabilities are affected in IBM Cognos Controller 10.3.0 | Windows
Multiple Vulnerabilities are affected in IBM Cognos Controller 10.3.1 | Windows
Multiple Vulnerabilities are affected in IBM Cognos Controller 10.4.0 | Windows
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.0 | Windows
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.1 | Windows
(RHSA-2018:2569) java-1.7.1-ibm security update java-1.7.1-ibm-1.7.1.4.30-1jpp.1.el7.x86_64.rpm | Linux
(RHSA-2018:2569) java-1.7.1-ibm security update java-1.7.1-ibm-demo-1.7.1.4.30-1jpp.1.el7.x86_64.rpm | Linux
(RHSA-2018:2569) java-1.7.1-ibm security update java-1.7.1-ibm-devel-1.7.1.4.30-1jpp.1.el7.x86_64.rpm | Linux
(RHSA-2018:2569) java-1.7.1-ibm security update java-1.7.1-ibm-jdbc-1.7.1.4.30-1jpp.1.el7.x86_64.rpm | Linux
(RHSA-2018:2569) java-1.7.1-ibm security update java-1.7.1-ibm-plugin-1.7.1.4.30-1jpp.1.el7.x86_64.rpm | Linux
(RHSA-2018:2569) java-1.7.1-ibm security update java-1.7.1-ibm-src-1.7.1.4.30-1jpp.1.el7.x86_64.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-1.7.1.4.30-1jpp.2.el6_10.i686.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-1.7.1.4.30-1jpp.2.el6_10.x86_64.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-demo-1.7.1.4.30-1jpp.2.el6_10.i686.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-demo-1.7.1.4.30-1jpp.2.el6_10.x86_64.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-devel-1.7.1.4.30-1jpp.2.el6_10.i686.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-devel-1.7.1.4.30-1jpp.2.el6_10.x86_64.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-jdbc-1.7.1.4.30-1jpp.2.el6_10.i686.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-jdbc-1.7.1.4.30-1jpp.2.el6_10.x86_64.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-plugin-1.7.1.4.30-1jpp.2.el6_10.i686.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-plugin-1.7.1.4.30-1jpp.2.el6_10.x86_64.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-src-1.7.1.4.30-1jpp.2.el6_10.i686.rpm | Linux
(RHSA-2018:2576) java-1.7.1-ibm security update java-1.7.1-ibm-src-1.7.1.4.30-1jpp.2.el6_10.x86_64.rpm | Linux
SUSE-SU-2018:2583-1 (SUSE Linux Enterprise Server 11-SP4) java-1_7_1-ibm-1.7.1_sr4.30-26.29.1.x86_64.rpm | Linux
SUSE-SU-2018:2583-1 (SUSE Linux Enterprise Server 11-SP4) java-1_7_1-ibm-alsa-1.7.1_sr4.30-26.29.1.x86_64.rpm | Linux
SUSE-SU-2018:2583-1 (SUSE Linux Enterprise Server 11-SP4) java-1_7_1-ibm-jdbc-1.7.1_sr4.30-26.29.1.x86_64.rpm | Linux
SUSE-SU-2018:2583-1 (SUSE Linux Enterprise Server 11-SP4) java-1_7_1-ibm-plugin-1.7.1_sr4.30-26.29.1.x86_64.rpm | Linux
SUSE-SU-2018:2649-1 (SUSE Linux Enterprise Server 12-SP3) java-1_7_1-ibm-1.7.1_sr4.30-38.26.1.x86_64.rpm | Linux
SUSE-SU-2018:2649-1 (SUSE Linux Enterprise Server 12-SP3) java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26.1.x86_64.rpm | Linux
SUSE-SU-2018:2649-1 (SUSE Linux Enterprise Server 12-SP3) java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26.1.x86_64.rpm | Linux
SUSE-SU-2018:2649-1 (SUSE Linux Enterprise Server 12-SP3) java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26.1.x86_64.rpm | Linux

Patch Details

No records found
