阿里云漏洞库

IBM Java是一款JRE运行时环境。

IBM JDK Java虚拟机存在信息泄露漏洞，允许攻击者利用漏洞绕过权限检查，获取敏感信息。

用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞：
http://www-01.ibm.com/support/docview.wss?uid=swg21883640

参考链接
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
http://rhn.redhat.com/errata/RHSA-2015-1006.html
http://rhn.redhat.com/errata/RHSA-2015-1007.html
http://rhn.redhat.com/errata/RHSA-2015-1020.html
http://rhn.redhat.com/errata/RHSA-2015-1021.html
http://rhn.redhat.com/errata/RHSA-2015-1091.html
http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245
http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246
http://www-01.ibm.com/support/docview.wss?uid=swg21883640
http://www.securityfocus.com/bid/74645

1
#	类型	厂商	产品	版本	影响面
	运行在以下环境
	应用	ibm	java	*	From (including) 5.0.0.0	Up to (excluding) 5.0.16.10
	运行在以下环境
	应用	ibm	java	*	From (including) 6.0.0.0	Up to (excluding) 6.0.16.4
	运行在以下环境
	应用	ibm	java	*	From (including) 6.1.0.0	Up to (excluding) 6.1.8.4
	运行在以下环境
	应用	ibm	java	*	From (including) 7.0.0.0	Up to (excluding) 7.0.9.0
	运行在以下环境
	应用	ibm	java	*	From (including) 7.1.0.0	Up to (excluding) 7.1.3.0
	运行在以下环境
	系统	centos_7	java	*		Up to (excluding) 1.7.1-ibm-devel-1.7.1.3.0-1jpp.2.el7_1
	运行在以下环境
	系统	redhat_5	java-1.7.0-ibm	*		Up to (excluding) 1:1.7.0.9.0-1jpp.1.el5
	运行在以下环境
	系统	redhat_6	java-1.6.0-ibm	*		Up to (excluding) 1:1.6.0.16.4-1jpp.1.el5
	运行在以下环境
	系统	redhat_7	java	*		Up to (excluding) 1.7.1-ibm-devel-1.7.1.3.0-1jpp.2.el7_1
	运行在以下环境
	系统	suse_11_SP2	java-1_7_0-ibm-alsa	*		Up to (excluding) 1.6.0_sr15.0-0.5.1
	运行在以下环境
	系统	suse_11_SP3	java-1_7_0-ibm-plugin	*		Up to (excluding) 1.6.0_sr16.2-0.3.1
	运行在以下环境
	系统	suse_12	java-1_7_1-ibm	*		Up to (excluding) 1.7.1_sr3.0-11.1

CWE-ID	漏洞类型
CWE-200	信息暴露