Vulnerability   
Search   
    Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.69047
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2011:0290
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2011:0290.

The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and
the IBM Java 2 Software Development Kit.

A denial of service flaw was found in the way certain strings were
converted to Double objects. A remote attacker could use this flaw to cause
Java based applications to hang, for example, if they parsed Double values
in a specially-crafted HTTP request. (CVE-2010-4476)

All users of java-1.6.0-ibm are advised to upgrade to these updated
packages, containing the IBM 1.6.0 SR9 Java release. All running instances
of IBM Java must be restarted for the update to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-0290.html
http://www.ibm.com/developerworks/java/jdk/alerts/

Risk factor : Medium

CVSS Score:
5.0

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-4476
AIX APAR: IZ94423
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ94423
AIX APAR: PM31983
http://www-01.ibm.com/support/docview.wss?uid=swg1PM31983
Debian Security Information: DSA-2161 (Google Search)
http://www.debian.org/security/2011/dsa-2161
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053926.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/053934.html
http://security.gentoo.org/glsa/glsa-201406-32.xml
HPdes Security Advisory: HPSBMA02642
http://marc.info/?l=bugtraq&m=130514352726432&w=2
HPdes Security Advisory: HPSBMU02690
http://marc.info/?l=bugtraq&m=131041767210772&w=2
HPdes Security Advisory: HPSBMU02797
http://marc.info/?l=bugtraq&m=134254957702612&w=2
HPdes Security Advisory: HPSBMU02799
http://marc.info/?l=bugtraq&m=134254866602253&w=2
HPdes Security Advisory: HPSBNS02633
http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02720715&admit=109447627+1298159618320+28353475
HPdes Security Advisory: HPSBOV02634
http://marc.info/?l=bugtraq&m=130497132406206&w=2
HPdes Security Advisory: HPSBOV02762
http://marc.info/?l=bugtraq&m=133469267822771&w=2
HPdes Security Advisory: HPSBTU02684
http://marc.info/?l=bugtraq&m=130497185606818&w=2
HPdes Security Advisory: HPSBUX02633
http://marc.info/?l=bugtraq&m=129899347607632&w=2
HPdes Security Advisory: HPSBUX02641
http://marc.info/?l=bugtraq&m=129960314701922&w=2
HPdes Security Advisory: HPSBUX02642
http://marc.info/?l=bugtraq&m=130270785502599&w=2
HPdes Security Advisory: HPSBUX02645
http://marc.info/?l=bugtraq&m=130168502603566&w=2
HPdes Security Advisory: HPSBUX02725
http://marc.info/?l=bugtraq&m=132215163318824&w=2
HPdes Security Advisory: HPSBUX02777
http://marc.info/?l=bugtraq&m=133728004526190&w=2
HPdes Security Advisory: HPSBUX02860
http://marc.info/?l=bugtraq&m=136485229118404&w=2
HPdes Security Advisory: SSRT100387
HPdes Security Advisory: SSRT100390
HPdes Security Advisory: SSRT100412
HPdes Security Advisory: SSRT100415
HPdes Security Advisory: SSRT100569
HPdes Security Advisory: SSRT100627
HPdes Security Advisory: SSRT100825
HPdes Security Advisory: SSRT100854
HPdes Security Advisory: SSRT100867
HPdes Security Advisory: SSRT101146
http://www.mandriva.com/security/advisories?name=MDVSA-2011:054
http://blog.fortify.com/blog/2011/02/08/Double-Trouble
http://www.exploringbinary.com/java-hangs-when-converting-2-2250738585072012e-308/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12662
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12745
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14328
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14589
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19493
http://www.redhat.com/support/errata/RHSA-2011-0210.html
http://www.redhat.com/support/errata/RHSA-2011-0211.html
http://www.redhat.com/support/errata/RHSA-2011-0212.html
http://www.redhat.com/support/errata/RHSA-2011-0213.html
http://www.redhat.com/support/errata/RHSA-2011-0214.html
http://www.redhat.com/support/errata/RHSA-2011-0282.html
http://www.redhat.com/support/errata/RHSA-2011-0333.html
http://www.redhat.com/support/errata/RHSA-2011-0334.html
http://www.redhat.com/support/errata/RHSA-2011-0880.html
http://www.securitytracker.com/id?1025062
http://secunia.com/advisories/43048
http://secunia.com/advisories/43280
http://secunia.com/advisories/43295
http://secunia.com/advisories/43304
http://secunia.com/advisories/43333
http://secunia.com/advisories/43378
http://secunia.com/advisories/43400
http://secunia.com/advisories/43659
http://secunia.com/advisories/44954
http://secunia.com/advisories/45022
http://secunia.com/advisories/45555
http://secunia.com/advisories/49198
SuSE Security Announcement: SUSE-SA:2011:024 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html
SuSE Security Announcement: SUSE-SU-2011:0823 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html
http://www.vupen.com/english/advisories/2011/0365
http://www.vupen.com/english/advisories/2011/0377
http://www.vupen.com/english/advisories/2011/0379
http://www.vupen.com/english/advisories/2011/0422
http://www.vupen.com/english/advisories/2011/0434
http://www.vupen.com/english/advisories/2011/0605
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.