Internet threat level: 1
Home→Descriptions→SA51586
IBM InfoSphere BigInsights Java and Jetty Denial of Service Vulnerabilities
| Secunia ID | |
| CVE-ID | |
| Release Date |
18 Dec 2012 |
| Last Change |
20 Dec 2012 |
| Criticality | |
| Solution Status |
Vendor Patch |
| Software |
IBM InfoSphere BigInsights 1.x |
| Where | |
| Impact |
DoS (Denial of Service)This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system. |
| Description |
IBM has acknowledged two vulnerabilities in IBM InfoSphere BigInsights, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) The application bundles a vulnerable version of Java. For more information: 2) The application bundles a vulnerable version of Jetty. For more information: The vulnerabilities are reported in versions 1.1 through 1.4. |
| Solution |
Apply Fix Pack or upgrade to version 2.0. IBM InfoSphere BigInsights versions 1.1 and 1.2: IBM InfoSphere BigInsights versions 1.3 and 1.3.0.1: IBM InfoSphere BigInsights version 1.4: IBM InfoSphere BigInsights version 1.3.0.0 Power Linux: |
| Original Advisory |
http://www.ibm.com/support/docview.wss?uid=swg21620330 |
© 1997-2013 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.
The authors' opinions do not necessarily reflect the official positions of Kaspersky Lab.