CVE-2015-5006

Name of the Vulnerable Software and Affected Versions IBM Java Security Components in IBM SDK, Java Technology Edition versions 8 before SR2 IBM Java Security Components in IBM SDK, Java Technology Edition versions 7 R1 before SR3 FP20 IBM Java Security Components in IBM SDK, Java Technology Edition versions 7 before SR9 FP20 IBM Java Security Components in IBM SDK, Java Technology Edition versions 6 R1 before SR8 FP15 IBM Java Security Components in IBM SDK, Java Technology Edition versions 6 before SR16 FP15

Description The issue allows physically proximate attackers to obtain sensitive information by reading the Kerberos Credential Cache. An attacker with physical access to the system could exploit this to gain access to sensitive information.

Recommendations For IBM Java Security Components in IBM SDK, Java Technology Edition version 8 before SR2, update to SR2 or later. For IBM Java Security Components in IBM SDK, Java Technology Edition version 7 R1 before SR3 FP20, update to SR3 FP20 or later. For IBM Java Security Components in IBM SDK, Java Technology Edition version 7 before SR9 FP20, update to SR9 FP20 or later. For IBM Java Security Components in IBM SDK, Java Technology Edition version 6 R1 before SR8 FP15, update to SR8 FP15 or later. For IBM Java Security Components in IBM SDK, Java Technology Edition version 6 before SR16 FP15, update to SR16 FP15 or later.