IBM Tivoli Monitoring automates monitoring of essential system resources to detect bottlenecks and potential problems.
There are several vulnerabilities in IBM SDK Java Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) component :
-An unspecified vulnerability in Oracle Java SE related to the Java SE Deployment component could allow an unauthenticated attacker to take control of the system.:
-A flaw in the IBM J9 VM class verifier allows untrusted code to disable the security manager and elevate its privileges.
AFFECTED PRODUCTS AND VERSIONS:
The following components of IBM Tivoli Monitoring (ITM) are affected by this bulletin:
-Java (CANDLEHOME) ITM 6.2.3 Fix Pack 1 (JRE 1.6) through 6.3.0 Fix Pack 7 (JRE 7)
-Java (Tivoli Enterprise Portal client browser or webstart) ITM 6.2.3 Fix pack 1 through 6.3.0 Fix Pack 7
QID Detection Logic(Authenticated)
It checks for vulnerable versions of IBM Tivoli Monitoring (ITM)
Successful exploitation allows remote attackers to take control of the system.: