Action not permitted
Modal body text goes here.
CVE-2009-2674
Vulnerability from cvelistv5
Published
2009-08-05 19:00
Modified
2024-08-07 05:59
Severity ?
EPSS score ?
Summary
Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T05:59:56.647Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-050/" }, { "name": "RHSA-2009:1200", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "name": "36162", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36162" }, { "name": "ADV-2009-2543", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "name": "GLSA-200911-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml" }, { "name": "HPSBUX02476", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10073", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10073" }, { "name": "36248", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36248" }, { "name": "263428", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263428-1" }, { "name": "MDVSA-2009:209", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "name": "FEDORA-2009-8329", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "name": "SSRT090250", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "TA09-294A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "name": "36180", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36180" }, { "name": "oval:org.mitre.oval:def:8073", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8073" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "name": "36176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/36176" }, { "name": "FEDORA-2009-8337", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "name": "SUSE-SR:2009:016", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html" }, { "name": "37300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37300" }, { "name": "APPLE-SA-2009-09-03-1", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "name": "SUSE-SA:2009:053", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "name": "RHSA-2009:1201", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "name": "SUSE-SA:2009:043", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html" }, { "name": "37386", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37386" }, { "name": "sun-jre-jpeg-bo(52339)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52339" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-08-04T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-050/" }, { "name": "RHSA-2009:1200", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "name": "36162", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36162" }, { "name": "ADV-2009-2543", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "name": "GLSA-200911-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml" }, { "name": "HPSBUX02476", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10073", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10073" }, { "name": "36248", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36248" }, { "name": "263428", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263428-1" }, { "name": "MDVSA-2009:209", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "name": "FEDORA-2009-8329", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "name": "SSRT090250", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "TA09-294A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "name": "36180", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36180" }, { "name": "oval:org.mitre.oval:def:8073", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8073" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "name": "36176", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/36176" }, { "name": "FEDORA-2009-8337", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "name": "SUSE-SR:2009:016", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html" }, { "name": "37300", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37300" }, { "name": "APPLE-SA-2009-09-03-1", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "name": "SUSE-SA:2009:053", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "name": "RHSA-2009:1201", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "name": "SUSE-SA:2009:043", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html" }, { "name": "37386", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37386" }, { "name": "sun-jre-jpeg-bo(52339)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52339" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-2674", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-09-050/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-050/" }, { "name": "RHSA-2009:1200", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "name": "36162", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36162" }, { "name": "ADV-2009-2543", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "name": "GLSA-200911-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml" }, { "name": "HPSBUX02476", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10073", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10073" }, { "name": "36248", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36248" }, { "name": "263428", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263428-1" }, { "name": "MDVSA-2009:209", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "name": "FEDORA-2009-8329", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "name": "SSRT090250", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "TA09-294A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "name": "36180", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36180" }, { "name": "oval:org.mitre.oval:def:8073", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8073" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1", "refsource": "CONFIRM", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "name": "36176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36176" }, { "name": "FEDORA-2009-8337", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "name": "SUSE-SR:2009:016", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html" }, { "name": "37300", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37300" }, { "name": "APPLE-SA-2009-09-03-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "name": "SUSE-SA:2009:053", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "name": "RHSA-2009:1201", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "name": "SUSE-SA:2009:043", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html" }, { "name": "37386", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37386" }, { "name": "sun-jre-jpeg-bo(52339)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52339" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-2674", "datePublished": "2009-08-05T19:00:00", "dateReserved": "2009-08-05T00:00:00", "dateUpdated": "2024-08-07T05:59:56.647Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2009-2674\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-08-05T19:30:01.267\",\"lastModified\":\"2018-10-30T16:25:14.043\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de enteros en el archivo javaws.exe en Sun Java Web Start en Sun Java Runtime Environment (JRE) en JDK y JRE versi\u00f3n 6 anterior a Update 15, permite a los atacantes dependiendo del contexto ejecutar c\u00f3digo arbitrario por medio de una imagen JPEG creada que no se maneja apropiadamente durante la visualizaci\u00f3n de una imagen de bienvenida, que desencadena un desbordamiento de b\u00fafer basado en la regi\u00f3n heap de la memoria.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8F93BBE-1E8C-4EB3-BCC7-20AB2D813F98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C9F6EA8-6A88-4485-89A3-0FDF84AB51DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7680A8A-EC07-4819-A93C-B8EBF8B1199F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA89349B-834C-42D0-84C6-CA73CE1F8B26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7865369-9DE6-4C20-ACD2-CCC14ED54701\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"8614E7A0-091C-4080-89FA-B2C7609B4AD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"67E0818A-3675-4293-89FE-5001E36C0F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"95112B98-B6B2-43FA-BF76-F518649CF3BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A18341A-3688-48E7-95AD-283EC9C95B4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"E301C59A-47F5-4861-9091-D0002CBA5B7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCD4F889-710C-43C5-85DD-70E96F8FE313\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED195051-AAC7-4EE1-B936-18D1C8AD2498\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"44146DF6-F368-4F17-B379-34194873D80F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:6:update_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"18B70D77-F631-47D8-95A5-1D3A7E8BF63B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F98D2BD-2AC1-4C4C-8A10-71093DCBC4E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D6FCAFC-F41C-4C6F-9EA4-46AEFF65CC5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_11:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BA9E6CD-F43F-487D-9638-406B72D51471\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_12:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D2F4664-E158-45ED-81B6-D8371F1C6B9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_13:*:*:*:*:*:*\",\"matchCriteriaId\":\"26826BB7-0EF6-439B-87F4-5BCCEA3A8907\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDC09958-5286-4C16-AB6F-63B4BDD902B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDE1E9E9-85EF-4ACA-902B-00225EB4324F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0CDBFCB-42EA-4F19-A98D-7696B0D526CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"53DCFF2A-77A7-41DB-A712-9B6D1FD2574A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"82C6F76F-68FD-4794-9182-935D85910C1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"6314C9DF-9421-445D-ABCC-79EDCED23156\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"533670FA-B8DC-40B4-ADC1-CCD70E4A43A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:6:update_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"119B72FA-8B85-4D1F-8A14-5B07204DAED5\"}]}]}],\"references\":[{\"url\":\"http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/36162\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36176\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36180\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36248\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/37300\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/37386\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200911-02.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-263428-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:209\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA09-294A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/2543\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-09-050/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/52339\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10073\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8073\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1200.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1201.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html\",\"source\":\"cve@mitre.org\"}]}}" } }
rhsa-2009_1201
Vulnerability from csaf_redhat
Published
2009-08-06 21:14
Modified
2024-11-05 17:07
Summary
Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update
Notes
Topic
Updated java-1.6.0-openjdk packages that fix several security issues and a
bug are now available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE)
contains the software and tools that users need to run applications written
using the Java programming language.
A flaw was found in the way the XML Digital Signature implementation in the
JRE handled HMAC-based XML signatures. An attacker could use this flaw to
create a crafted signature that could allow them to bypass authentication,
or trick a user, applet, or application into accepting untrusted content.
(CVE-2009-0217)
Several potential information leaks were found in various mutable static
variables. These could be exploited in application scenarios that execute
untrusted scripting code. (CVE-2009-2475)
It was discovered that OpenType checks can be bypassed. This could allow a
rogue application to bypass access restrictions by acquiring references to
privileged objects through finalizer resurrection. (CVE-2009-2476)
A denial of service flaw was found in the way the JRE processes XML. A
remote attacker could use this flaw to supply crafted XML that would lead
to a denial of service. (CVE-2009-2625)
A flaw was found in the JRE audio system. An untrusted applet or
application could use this flaw to gain read access to restricted System
properties. (CVE-2009-2670)
Two flaws were found in the JRE proxy implementation. An untrusted applet
or application could use these flaws to discover the usernames of users
running applets and applications, or obtain web browser cookies and use
them for session hijacking attacks. (CVE-2009-2671, CVE-2009-2672)
An additional flaw was found in the proxy mechanism implementation. This
flaw allowed an untrusted applet or application to bypass access
restrictions and communicate using non-authorized socket or URL connections
to hosts other than the origin host. (CVE-2009-2673)
An integer overflow flaw was found in the way the JRE processes JPEG
images. An untrusted application could use this flaw to extend its
privileges, allowing it to read and write local files, as well as to
execute local applications with the privileges of the user running the
application. (CVE-2009-2674)
An integer overflow flaw was found in the JRE unpack200 functionality. An
untrusted applet or application could extend its privileges, allowing it to
read and write local files, as well as to execute local applications with
the privileges of the user running the applet or application. (CVE-2009-2675)
It was discovered that JDK13Services grants unnecessary privileges to
certain object types. This could be misused by an untrusted applet or
application to use otherwise restricted functionality. (CVE-2009-2689)
An information disclosure flaw was found in the way private Java variables
were handled. An untrusted applet or application could use this flaw to
obtain information from variables that would otherwise be private.
(CVE-2009-2690)
Note: The flaws concerning applets in this advisory, CVE-2009-2475,
CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675,
CVE-2009-2689, and CVE-2009-2690, can only be triggered in
java-1.6.0-openjdk by calling the "appletviewer" application.
This update also fixes the following bug:
* the EVR in the java-1.6.0-openjdk package as shipped with Red Hat
Enterprise Linux allowed the java-1.6.0-openjdk package from the EPEL
repository to take precedence (appear newer). Users using
java-1.6.0-openjdk from EPEL would not have received security updates since
October 2008. This update prevents the packages from EPEL from taking
precedence. (BZ#499079)
All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.6.0-openjdk packages that fix several security issues and a\nbug are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "These packages provide the OpenJDK 6 Java Runtime Environment and the\nOpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE)\ncontains the software and tools that users need to run applications written\nusing the Java programming language.\n\nA flaw was found in the way the XML Digital Signature implementation in the\nJRE handled HMAC-based XML signatures. An attacker could use this flaw to\ncreate a crafted signature that could allow them to bypass authentication,\nor trick a user, applet, or application into accepting untrusted content.\n(CVE-2009-0217)\n\nSeveral potential information leaks were found in various mutable static\nvariables. These could be exploited in application scenarios that execute\nuntrusted scripting code. (CVE-2009-2475)\n\nIt was discovered that OpenType checks can be bypassed. This could allow a\nrogue application to bypass access restrictions by acquiring references to\nprivileged objects through finalizer resurrection. (CVE-2009-2476)\n\nA denial of service flaw was found in the way the JRE processes XML. A\nremote attacker could use this flaw to supply crafted XML that would lead\nto a denial of service. (CVE-2009-2625)\n\nA flaw was found in the JRE audio system. An untrusted applet or\napplication could use this flaw to gain read access to restricted System\nproperties. (CVE-2009-2670)\n\nTwo flaws were found in the JRE proxy implementation. An untrusted applet\nor application could use these flaws to discover the usernames of users\nrunning applets and applications, or obtain web browser cookies and use\nthem for session hijacking attacks. (CVE-2009-2671, CVE-2009-2672)\n\nAn additional flaw was found in the proxy mechanism implementation. This\nflaw allowed an untrusted applet or application to bypass access\nrestrictions and communicate using non-authorized socket or URL connections\nto hosts other than the origin host. (CVE-2009-2673) \n\nAn integer overflow flaw was found in the way the JRE processes JPEG\nimages. An untrusted application could use this flaw to extend its\nprivileges, allowing it to read and write local files, as well as to\nexecute local applications with the privileges of the user running the\napplication. (CVE-2009-2674)\n\nAn integer overflow flaw was found in the JRE unpack200 functionality. An\nuntrusted applet or application could extend its privileges, allowing it to\nread and write local files, as well as to execute local applications with\nthe privileges of the user running the applet or application. (CVE-2009-2675)\n\nIt was discovered that JDK13Services grants unnecessary privileges to\ncertain object types. This could be misused by an untrusted applet or\napplication to use otherwise restricted functionality. (CVE-2009-2689)\n\nAn information disclosure flaw was found in the way private Java variables\nwere handled. An untrusted applet or application could use this flaw to\nobtain information from variables that would otherwise be private.\n(CVE-2009-2690)\n\nNote: The flaws concerning applets in this advisory, CVE-2009-2475,\nCVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2675,\nCVE-2009-2689, and CVE-2009-2690, can only be triggered in\njava-1.6.0-openjdk by calling the \"appletviewer\" application.\n\nThis update also fixes the following bug:\n\n* the EVR in the java-1.6.0-openjdk package as shipped with Red Hat\nEnterprise Linux allowed the java-1.6.0-openjdk package from the EPEL\nrepository to take precedence (appear newer). Users using\njava-1.6.0-openjdk from EPEL would not have received security updates since\nOctober 2008. This update prevents the packages from EPEL from taking\nprecedence. (BZ#499079)\n\nAll users of java-1.6.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2009:1201", "url": "https://access.redhat.com/errata/RHSA-2009:1201" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates5", "url": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates5" }, { "category": "external", "summary": "499079", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=499079" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "513215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215" }, { "category": "external", "summary": "513220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220" }, { "category": "external", "summary": "513222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222" }, { "category": "external", "summary": "513223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1201.json" } ], "title": "Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update", "tracking": { "current_release_date": "2024-11-05T17:07:28+00:00", "generator": { "date": "2024-11-05T17:07:28+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2009:1201", "initial_release_date": "2009-08-06T21:14:00+00:00", "revision_history": [ { "date": "2009-08-06T21:14:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2009-08-06T17:14:44+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:07:28+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux (v. 5 server)", "product": { "name": "Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-debuginfo@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-javadoc@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-src@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-demo@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-devel@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "product": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.2.b09.el5?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-debuginfo@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-javadoc@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-src@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-demo@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk-devel@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "product": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.2.b09.el5?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "product": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "product_id": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-openjdk@1.6.0.0-1.2.b09.el5?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Client" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386" }, "product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "relates_to_product_reference": "5Server" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" }, "product_reference": "java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "relates_to_product_reference": "5Server" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" }, { "cve": "CVE-2009-2475", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513215" } ], "notes": [ { "category": "description", "text": "Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2475" }, { "category": "external", "summary": "RHBZ#513215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2475", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2475" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2475", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2475" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)" }, { "cve": "CVE-2009-2476", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513220" } ], "notes": [ { "category": "description", "text": "The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK OpenType checks can be bypassed (6736293)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2476" }, { "category": "external", "summary": "RHBZ#513220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2476", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2476" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2476", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2476" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK OpenType checks can be bypassed (6736293)" }, { "cve": "CVE-2009-2625", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512921" } ], "notes": [ { "category": "description", "text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML parsing Denial-Of-Service (6845701)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2625" }, { "category": "external", "summary": "RHBZ#512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML parsing Denial-Of-Service (6845701)" }, { "cve": "CVE-2009-2670", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512896" } ], "notes": [ { "category": "description", "text": "The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Untrusted applet System properties access (6738524)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2670" }, { "category": "external", "summary": "RHBZ#512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2670", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2670" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK Untrusted applet System properties access (6738524)" }, { "cve": "CVE-2009-2671", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2671" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2671", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2671" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2672", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2672" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2672", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2672" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2673", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512914" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2673" }, { "category": "external", "summary": "RHBZ#512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2673", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2673" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)" }, { "cve": "CVE-2009-2674", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512915" } ], "notes": [ { "category": "description", "text": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer JPEG processing integer overflow (6823373)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2674" }, { "category": "external", "summary": "RHBZ#512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2674", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2674" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer JPEG processing integer overflow (6823373)" }, { "cve": "CVE-2009-2675", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512920" } ], "notes": [ { "category": "description", "text": "Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer unpack200 processing integer overflow (6830335)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2675" }, { "category": "external", "summary": "RHBZ#512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2675", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2675" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer unpack200 processing integer overflow (6830335)" }, { "cve": "CVE-2009-2689", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513222" } ], "notes": [ { "category": "description", "text": "JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JDK13Services grants unnecessary privileges (6777448)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2689" }, { "category": "external", "summary": "RHBZ#513222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513222" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2689", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2689" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2689", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2689" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK JDK13Services grants unnecessary privileges (6777448)" }, { "cve": "CVE-2009-2690", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513223" } ], "notes": [ { "category": "description", "text": "The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK private variable information disclosure (6777487)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2690" }, { "category": "external", "summary": "RHBZ#513223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2690", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2690" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2690", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2690" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T21:14:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1201" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Client:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Client:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.src", "5Server:java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-debuginfo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-demo-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-devel-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.2.b09.el5.x86_64", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.i386", "5Server:java-1.6.0-openjdk-src-1:1.6.0.0-1.2.b09.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK private variable information disclosure (6777487)" } ] }
rhsa-2009_1582
Vulnerability from csaf_redhat
Published
2009-11-12 18:15
Modified
2024-11-05 17:11
Summary
Red Hat Security Advisory: java-1.6.0-ibm security update
Notes
Topic
Updated java-1.6.0-ibm packages that fix several security issues are now
available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and
the IBM Java 2 Software Development Kit.
This update fixes several vulnerabilities in the IBM Java 2 Runtime
Environment and the IBM Java 2 Software Development Kit. These
vulnerabilities are summarized on the IBM "Security alerts" page listed in
the References section. (CVE-2009-2625, CVE-2009-2670, CVE-2009-2671,
CVE-2009-2672, CVE-2009-2673, CVE-2009-2674, CVE-2009-2675, CVE-2009-2676)
All users of java-1.6.0-ibm are advised to upgrade to these updated
packages, containing the IBM 1.6.0 SR6 Java release. All running instances
of IBM Java must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.6.0-ibm packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and\nthe IBM Java 2 Software Development Kit.\n\nThis update fixes several vulnerabilities in the IBM Java 2 Runtime\nEnvironment and the IBM Java 2 Software Development Kit. These\nvulnerabilities are summarized on the IBM \"Security alerts\" page listed in\nthe References section. (CVE-2009-2625, CVE-2009-2670, CVE-2009-2671,\nCVE-2009-2672, CVE-2009-2673, CVE-2009-2674, CVE-2009-2675, CVE-2009-2676)\n\nAll users of java-1.6.0-ibm are advised to upgrade to these updated\npackages, containing the IBM 1.6.0 SR6 Java release. All running instances\nof IBM Java must be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2009:1582", "url": "https://access.redhat.com/errata/RHSA-2009:1582" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.ibm.com/developerworks/java/jdk/alerts/", "url": "http://www.ibm.com/developerworks/java/jdk/alerts/" }, { "category": "external", "summary": "512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "515890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1582.json" } ], "title": "Red Hat Security Advisory: java-1.6.0-ibm security update", "tracking": { "current_release_date": "2024-11-05T17:11:24+00:00", "generator": { "date": "2024-11-05T17:11:24+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2009:1582", "initial_release_date": "2009-11-12T18:15:00+00:00", "revision_history": [ { "date": "2009-11-12T18:15:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2009-11-12T13:15:19+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:11:24+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Desktop version 4 Extras", "product": { "name": "Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4 Extras", "product": { "name": "Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.6-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.6-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.6-1jpp.3.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.6-1jpp.3.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.6-1jpp.3.el5?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.6-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.6-1jpp.3.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.6-1jpp.3.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el5?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.6-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.6-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el4?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.6-1jpp.3.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "product": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "product_id": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-plugin@1.6.0.6-1jpp.3.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.6-1jpp.3.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el5?arch=ppc\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el5?arch=ppc\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.6-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el4?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el5?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "product": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "product_id": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-javacomm@1.6.0.6-1jpp.3.el5?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el5?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el5?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el5?arch=ppc64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el5?arch=ppc64\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "product": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "product_id": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-accessibility@1.6.0.6-1jpp.3.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el5?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "product": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "product_id": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-jdbc@1.6.0.6-1jpp.3.el5?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "product": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "product_id": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-src@1.6.0.6-1jpp.3.el5?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.6-1jpp.3.el5?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "product": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "product_id": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.6-1jpp.3.el5?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "product": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "product_id": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-demo@1.6.0.6-1jpp.3.el5?arch=s390\u0026epoch=1" } } } ], "category": "architecture", "name": "s390" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-2625", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512921" } ], "notes": [ { "category": "description", "text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML parsing Denial-Of-Service (6845701)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2625" }, { "category": "external", "summary": "RHBZ#512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-11-12T18:15:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1582" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML parsing Denial-Of-Service (6845701)" }, { "cve": "CVE-2009-2670", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512896" } ], "notes": [ { "category": "description", "text": "The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Untrusted applet System properties access (6738524)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2670" }, { "category": "external", "summary": "RHBZ#512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2670", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2670" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-11-12T18:15:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1582" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK Untrusted applet System properties access (6738524)" }, { "cve": "CVE-2009-2671", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2671" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2671", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2671" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-11-12T18:15:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1582" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2672", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2672" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2672", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2672" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-11-12T18:15:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1582" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2673", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512914" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2673" }, { "category": "external", "summary": "RHBZ#512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2673", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2673" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-11-12T18:15:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1582" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)" }, { "cve": "CVE-2009-2674", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512915" } ], "notes": [ { "category": "description", "text": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer JPEG processing integer overflow (6823373)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2674" }, { "category": "external", "summary": "RHBZ#512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2674", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2674" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-11-12T18:15:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1582" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer JPEG processing integer overflow (6823373)" }, { "cve": "CVE-2009-2675", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512920" } ], "notes": [ { "category": "description", "text": "Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer unpack200 processing integer overflow (6830335)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2675" }, { "category": "external", "summary": "RHBZ#512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2675", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2675" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-11-12T18:15:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1582" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer unpack200 processing integer overflow (6830335)" }, { "cve": "CVE-2009-2676", "discovery_date": "2009-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "515890" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher.", "title": "Vulnerability description" }, { "category": "summary", "text": "JRE applet launcher vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2676" }, { "category": "external", "summary": "RHBZ#515890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2676", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2676" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-11-12T18:15:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1582" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4AS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4Desktop-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4ES-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el4.x86_64", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.i386", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.ppc64", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.s390x", "4WS-LACD:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el4.x86_64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Client-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-accessibility-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-demo-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-devel-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-javacomm-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-jdbc-1:1.6.0.6-1jpp.3.el5.x86_64", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-plugin-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.i386", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.ppc64", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.s390x", "5Server-Supplementary:java-1.6.0-ibm-src-1:1.6.0.6-1jpp.3.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JRE applet launcher vulnerability" } ] }
rhsa-2009_1200
Vulnerability from csaf_redhat
Published
2009-08-06 20:41
Modified
2024-11-05 17:07
Summary
Red Hat Security Advisory: java-1.6.0-sun security update
Notes
Topic
Updated java-1.6.0-sun packages that correct several security issues are
now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.
This update has been rated as having critical security impact by the Red
Hat Security Response Team.
Details
The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and
the Sun Java 6 Software Development Kit.
This update fixes several vulnerabilities in the Sun Java 6 Runtime
Environment and the Sun Java 6 Software Development Kit. These
vulnerabilities are summarized on the "Advance notification of Security
Updates for Java SE" page from Sun Microsystems, listed in the References
section. (CVE-2009-0217, CVE-2009-2475, CVE-2009-2476, CVE-2009-2625,
CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2674,
CVE-2009-2675, CVE-2009-2676, CVE-2009-2690)
Users of java-1.6.0-sun should upgrade to these updated packages, which
correct these issues. All running instances of Sun Java must be restarted
for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.6.0-sun packages that correct several security issues are\nnow available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.\n\nThis update has been rated as having critical security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and\nthe Sun Java 6 Software Development Kit.\n\nThis update fixes several vulnerabilities in the Sun Java 6 Runtime\nEnvironment and the Sun Java 6 Software Development Kit. These\nvulnerabilities are summarized on the \"Advance notification of Security\nUpdates for Java SE\" page from Sun Microsystems, listed in the References\nsection. (CVE-2009-0217, CVE-2009-2475, CVE-2009-2476, CVE-2009-2625,\nCVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2674,\nCVE-2009-2675, CVE-2009-2676, CVE-2009-2690)\n\nUsers of java-1.6.0-sun should upgrade to these updated packages, which\ncorrect these issues. All running instances of Sun Java must be restarted\nfor the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2009:1200", "url": "https://access.redhat.com/errata/RHSA-2009:1200" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates5", "url": "http://blogs.sun.com/security/entry/advance_notification_of_security_updates5" }, { "category": "external", "summary": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125139-16-1" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "513215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215" }, { "category": "external", "summary": "513220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220" }, { "category": "external", "summary": "513223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223" }, { "category": "external", "summary": "515890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1200.json" } ], "title": "Red Hat Security Advisory: java-1.6.0-sun security update", "tracking": { "current_release_date": "2024-11-05T17:07:53+00:00", "generator": { "date": "2024-11-05T17:07:53+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2009:1200", "initial_release_date": "2009-08-06T20:41:00+00:00", "revision_history": [ { "date": "2009-08-06T20:41:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2009-08-06T16:41:36+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:07:53+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Desktop version 4 Extras", "product": { "name": "Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux ES version 4 Extras", "product": { "name": "Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux WS version 4 Extras", "product": { "name": "Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:4" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.15-1jpp.1.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "product": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "product_id": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.15-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.15-1jpp.1.el4?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "product": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "product_id": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.15-1jpp.1.el5?arch=i586\u0026epoch=1" } } } ], "category": "architecture", "name": "i586" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux AS version 4 Extras", "product_id": "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4AS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Desktop version 4 Extras", "product_id": "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4Desktop-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux ES version 4 Extras", "product_id": "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4ES-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64 as a component of Red Hat Enterprise Linux WS version 4 Extras", "product_id": "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "relates_to_product_reference": "4WS-LACD" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Client-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "relates_to_product_reference": "5Server-Supplementary" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" }, "product_reference": "java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" }, { "cve": "CVE-2009-2475", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513215" } ], "notes": [ { "category": "description", "text": "Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2475" }, { "category": "external", "summary": "RHBZ#513215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513215" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2475", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2475" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2475", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2475" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)" }, { "cve": "CVE-2009-2476", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513220" } ], "notes": [ { "category": "description", "text": "The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK OpenType checks can be bypassed (6736293)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2476" }, { "category": "external", "summary": "RHBZ#513220", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513220" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2476", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2476" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2476", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2476" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK OpenType checks can be bypassed (6736293)" }, { "cve": "CVE-2009-2625", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512921" } ], "notes": [ { "category": "description", "text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML parsing Denial-Of-Service (6845701)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2625" }, { "category": "external", "summary": "RHBZ#512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML parsing Denial-Of-Service (6845701)" }, { "cve": "CVE-2009-2670", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512896" } ], "notes": [ { "category": "description", "text": "The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Untrusted applet System properties access (6738524)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2670" }, { "category": "external", "summary": "RHBZ#512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2670", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2670" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK Untrusted applet System properties access (6738524)" }, { "cve": "CVE-2009-2671", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2671" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2671", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2671" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2672", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2672" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2672", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2672" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2673", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512914" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2673" }, { "category": "external", "summary": "RHBZ#512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2673", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2673" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)" }, { "cve": "CVE-2009-2674", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512915" } ], "notes": [ { "category": "description", "text": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer JPEG processing integer overflow (6823373)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2674" }, { "category": "external", "summary": "RHBZ#512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2674", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2674" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer JPEG processing integer overflow (6823373)" }, { "cve": "CVE-2009-2675", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512920" } ], "notes": [ { "category": "description", "text": "Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer unpack200 processing integer overflow (6830335)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2675" }, { "category": "external", "summary": "RHBZ#512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2675", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2675" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer unpack200 processing integer overflow (6830335)" }, { "cve": "CVE-2009-2676", "discovery_date": "2009-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "515890" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher.", "title": "Vulnerability description" }, { "category": "summary", "text": "JRE applet launcher vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2676" }, { "category": "external", "summary": "RHBZ#515890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2676", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2676" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JRE applet launcher vulnerability" }, { "cve": "CVE-2009-2690", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "513223" } ], "notes": [ { "category": "description", "text": "The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK private variable information disclosure (6777487)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2690" }, { "category": "external", "summary": "RHBZ#513223", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=513223" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2690", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2690" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2690", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2690" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK private variable information disclosure (6777487)" }, { "cve": "CVE-2009-2716", "discovery_date": "2009-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "516812" } ], "notes": [ { "category": "description", "text": "The plugin functionality in Sun Java SE 6 before Update 15 does not properly implement version selection, which allows context-dependent attackers to leverage vulnerabilities in \"old zip and certificate handling\" and have unspecified other impact via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK improper version selection", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2716" }, { "category": "external", "summary": "RHBZ#516812", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516812" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2716", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2716" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2716", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2716" } ], "release_date": "2009-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK improper version selection" }, { "cve": "CVE-2009-2718", "discovery_date": "2009-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "516815" } ], "notes": [ { "category": "description", "text": "The Abstract Window Toolkit (AWT) implementation in Sun Java SE 6 before Update 15 on X11 does not impose the intended constraint on distance from the window border to the Security Warning Icon, which makes it easier for context-dependent attackers to trick a user into interacting unsafely with an untrusted applet.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK reposition of untrusted applet security icon in X11", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2718" }, { "category": "external", "summary": "RHBZ#516815", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516815" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2718", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2718" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2718", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2718" } ], "release_date": "2009-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK reposition of untrusted applet security icon in X11" }, { "cve": "CVE-2009-2719", "discovery_date": "2009-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "516820" } ], "notes": [ { "category": "description", "text": "The Java Web Start implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service (NullPointerException) via a crafted .jnlp file, as demonstrated by the jnlp_file/appletDesc/index.html#misc test in the Technology Compatibility Kit (TCK) for the Java Network Launching Protocol (JNLP).", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK DoS with crafted .jnlp file", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2719" }, { "category": "external", "summary": "RHBZ#516820", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516820" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2719", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2719" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2719", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2719" } ], "release_date": "2009-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "JDK DoS with crafted .jnlp file" }, { "cve": "CVE-2009-2720", "discovery_date": "2009-08-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "516823" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the javax.swing.plaf.synth.SynthContext.isSubregion method in the Swing implementation in Sun Java SE 6 before Update 15 allows context-dependent attackers to cause a denial of service (NullPointerException in the Jemmy library) via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK DoS with Swing Synthcontext implementation", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2720" }, { "category": "external", "summary": "RHBZ#516823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=516823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2720", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2720" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2720", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2720" } ], "release_date": "2009-08-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-08-06T20:41:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:1200" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 1.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4AS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4Desktop-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4ES-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el4.x86_64", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.i586", "4WS-LACD:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el4.x86_64", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Client-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-demo-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-devel-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-jdbc-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-plugin-1:1.6.0.15-1jpp.1.el5.x86_64", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.i586", "5Server-Supplementary:java-1.6.0-sun-src-1:1.6.0.15-1jpp.1.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "JDK DoS with Swing Synthcontext implementation" } ] }
rhsa-2010_0043
Vulnerability from csaf_redhat
Published
2010-01-14 16:32
Modified
2024-11-05 17:13
Summary
Red Hat Security Advisory: Red Hat Network Satellite Server IBM Java Runtime security update
Notes
Topic
Updated java-1.6.0-ibm packages that fix several security issues are now
available for Red Hat Network Satellite Server 5.3.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
This update corrects several security vulnerabilities in the IBM Java
Runtime Environment shipped as part of Red Hat Network Satellite Server
5.3. In a typical operating environment, these are of low security risk as
the runtime is not used on untrusted applets.
Several flaws were fixed in the IBM Java 2 Runtime Environment.
(CVE-2009-0217, CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096,
CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101,
CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, CVE-2009-1107,
CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673,
CVE-2009-2674, CVE-2009-2675, CVE-2009-2676, CVE-2009-3865, CVE-2009-3866,
CVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871, CVE-2009-3872,
CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877)
Users of Red Hat Network Satellite Server 5.3 are advised to upgrade to
these updated java-1.6.0-ibm packages, which resolve these issues. For this
update to take effect, Red Hat Network Satellite Server must be restarted
("/usr/sbin/rhn-satellite restart"), as well as all running instances of
IBM Java.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.6.0-ibm packages that fix several security issues are now\navailable for Red Hat Network Satellite Server 5.3.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.", "title": "Topic" }, { "category": "general", "text": "This update corrects several security vulnerabilities in the IBM Java\nRuntime Environment shipped as part of Red Hat Network Satellite Server\n5.3. In a typical operating environment, these are of low security risk as\nthe runtime is not used on untrusted applets.\n\nSeveral flaws were fixed in the IBM Java 2 Runtime Environment.\n(CVE-2009-0217, CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096,\nCVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101,\nCVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, CVE-2009-1107,\nCVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673,\nCVE-2009-2674, CVE-2009-2675, CVE-2009-2676, CVE-2009-3865, CVE-2009-3866,\nCVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871, CVE-2009-3872,\nCVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877)\n\nUsers of Red Hat Network Satellite Server 5.3 are advised to upgrade to\nthese updated java-1.6.0-ibm packages, which resolve these issues. For this\nupdate to take effect, Red Hat Network Satellite Server must be restarted\n(\"/usr/sbin/rhn-satellite restart\"), as well as all running instances of\nIBM Java.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2010:0043", "url": "https://access.redhat.com/errata/RHSA-2010:0043" }, { "category": "external", "summary": "http://www.redhat.com/security/updates/classification/#low", "url": "http://www.redhat.com/security/updates/classification/#low" }, { "category": "external", "summary": "490166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490166" }, { "category": "external", "summary": "490167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490167" }, { "category": "external", "summary": "490168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490168" }, { "category": "external", "summary": "490169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490169" }, { "category": "external", "summary": "490174", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490174" }, { "category": "external", "summary": "490178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490178" }, { "category": "external", "summary": "492302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492302" }, { "category": "external", "summary": "492305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492305" }, { "category": "external", "summary": "492306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492306" }, { "category": "external", "summary": "492308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492308" }, { "category": "external", "summary": "492309", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492309" }, { "category": "external", "summary": "492310", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492310" }, { "category": "external", "summary": "492312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492312" }, { "category": "external", "summary": "511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "515890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890" }, { "category": "external", "summary": "530053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530053" }, { "category": "external", "summary": "530057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530057" }, { "category": "external", "summary": "530061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530061" }, { "category": "external", "summary": "530062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530062" }, { "category": "external", "summary": "530063", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530063" }, { "category": "external", "summary": "530067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530067" }, { "category": "external", "summary": "532906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532906" }, { "category": "external", "summary": "533211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533211" }, { "category": "external", "summary": "533212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533212" }, { "category": "external", "summary": "533214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533214" }, { "category": "external", "summary": "533215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533215" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0043.json" } ], "title": "Red Hat Security Advisory: Red Hat Network Satellite Server IBM Java Runtime security update", "tracking": { "current_release_date": "2024-11-05T17:13:07+00:00", "generator": { "date": "2024-11-05T17:13:07+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2010:0043", "initial_release_date": "2010-01-14T16:32:00+00:00", "revision_history": [ { "date": "2010-01-14T16:32:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2010-01-14T11:32:02+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:13:07+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Satellite 5.3 (RHEL v.4)", "product": { "name": "Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.3::el4" } } }, { "category": "product_name", "name": "Red Hat Satellite 5.3 (RHEL v.5)", "product": { "name": "Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53", "product_identification_helper": { "cpe": "cpe:/a:redhat:network_satellite:5.3::el5" } } } ], "category": "product_family", "name": "Red Hat Satellite" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=s390\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=s390\u0026epoch=1" } } } ], "category": "architecture", "name": "s390" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "product": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "product_id": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.7-1jpp.2.el5?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.3.el4?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "product": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "product_id": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.7-1jpp.2.el5?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64 as a component of Red Hat Satellite 5.3 (RHEL v.4)", "product_id": "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "relates_to_product_reference": "4AS-RHNSAT5.3" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386 as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "relates_to_product_reference": "5Server-Satellite53" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64 as a component of Red Hat Satellite 5.3 (RHEL v.5)", "product_id": "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" }, "product_reference": "java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64", "relates_to_product_reference": "5Server-Satellite53" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-0217", "discovery_date": "2009-07-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "511915" } ], "notes": [ { "category": "description", "text": "The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; (6) Sun JDK and JRE Update 14 and earlier; (7) Microsoft .NET Framework 3.0 through 3.0 SP2, 3.5, and 4.0; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.", "title": "Vulnerability description" }, { "category": "summary", "text": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0217" }, { "category": "external", "summary": "RHBZ#511915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=511915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0217", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0217" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0217" } ], "release_date": "2009-07-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass" }, { "cve": "CVE-2009-1093", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490167" } ], "notes": [ { "category": "description", "text": "LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to cause a denial of service (LDAP service hang).", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK remote LDAP Denial-Of-Service (6717680)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1093" }, { "category": "external", "summary": "RHBZ#490167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490167" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1093", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1093" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1093", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1093" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK remote LDAP Denial-Of-Service (6717680)" }, { "cve": "CVE-2009-1094", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490168" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK LDAP client remote code execution (6737315)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1094" }, { "category": "external", "summary": "RHBZ#490168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490168" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1094", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1094" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1094", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1094" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK LDAP client remote code execution (6737315)" }, { "cve": "CVE-2009-1095", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490169" } ], "notes": [ { "category": "description", "text": "Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Pack200 Buffer overflow vulnerability (6792554)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1095" }, { "category": "external", "summary": "RHBZ#490169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490169" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1095", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1095" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK Pack200 Buffer overflow vulnerability (6792554)" }, { "cve": "CVE-2009-1096", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490169" } ], "notes": [ { "category": "description", "text": "Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Pack200 Buffer overflow vulnerability (6792554)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1096" }, { "category": "external", "summary": "RHBZ#490169", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490169" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1096", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1096" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1096", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1096" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK Pack200 Buffer overflow vulnerability (6792554)" }, { "cve": "CVE-2009-1097", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490174" } ], "notes": [ { "category": "description", "text": "Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1097" }, { "category": "external", "summary": "RHBZ#490174", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490174" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1097", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1097" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1097", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1097" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)" }, { "cve": "CVE-2009-1098", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490178" } ], "notes": [ { "category": "description", "text": "Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK GIF processing buffer overflow vulnerability (6804998)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1098" }, { "category": "external", "summary": "RHBZ#490178", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490178" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1098", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1098" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1098", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1098" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK GIF processing buffer overflow vulnerability (6804998)" }, { "cve": "CVE-2009-1099", "discovery_date": "2009-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492302" } ], "notes": [ { "category": "description", "text": "Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Type1 font processing buffer overflow vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1099" }, { "category": "external", "summary": "RHBZ#492302", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492302" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1099", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1099" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1099", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1099" } ], "release_date": "2009-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Type1 font processing buffer overflow vulnerability" }, { "cve": "CVE-2009-1100", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492305" } ], "notes": [ { "category": "description", "text": "Multiple unspecified vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service (disk consumption) via vectors related to temporary font files and (1) \"limits on Font creation,\" aka CR 6522586, and (2) another unspecified vector, aka CR 6632886.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DoS (disk consumption) via handling of temporary font files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1100" }, { "category": "external", "summary": "RHBZ#492305", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492305" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1100", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1100" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1100", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1100" } ], "release_date": "2009-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: DoS (disk consumption) via handling of temporary font files" }, { "cve": "CVE-2009-1101", "discovery_date": "2009-03-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "490166" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allows remote attackers to cause a denial of service (probably resource consumption) for a JAX-WS service endpoint via a connection without any data, which triggers a file descriptor \"leak.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1101" }, { "category": "external", "summary": "RHBZ#490166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490166" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1101", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1101" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1101", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1101" } ], "release_date": "2009-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)" }, { "cve": "CVE-2009-1103", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492306" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to \"deserializing applets,\" aka CR 6646860.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Files disclosure, arbitrary code execution via \"deserializing applets\" (6646860)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1103" }, { "category": "external", "summary": "RHBZ#492306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492306" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1103", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1103" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1103", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1103" } ], "release_date": "2009-03-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Files disclosure, arbitrary code execution via \"deserializing applets\" (6646860)" }, { "cve": "CVE-2009-1104", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492308" } ], "notes": [ { "category": "description", "text": "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; and 1.4.2_19 and earlier does not prevent Javascript that is loaded from the localhost from connecting to other ports on the system, which allows user-assisted attackers to bypass intended access restrictions via LiveConnect, aka CR 6724331. NOTE: this vulnerability can be leveraged with separate cross-site scripting (XSS) vulnerabilities for remote attack vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Intended access restrictions bypass via LiveConnect (6724331)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1104" }, { "category": "external", "summary": "RHBZ#492308", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492308" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1104", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1104" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1104", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1104" } ], "release_date": "2009-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: Intended access restrictions bypass via LiveConnect (6724331)" }, { "cve": "CVE-2009-1105", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492309" } ], "notes": [ { "category": "description", "text": "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 allows user-assisted remote attackers to cause a trusted applet to run in an older JRE version, which can be used to exploit vulnerabilities in that older version, aka CR 6706490.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Possibility of trusted applet run in older, vulnerable version of JRE (6706490)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1105" }, { "category": "external", "summary": "RHBZ#492309", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492309" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1105", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1105" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1105", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1105" } ], "release_date": "2009-03-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Possibility of trusted applet run in older, vulnerable version of JRE (6706490)" }, { "cve": "CVE-2009-1106", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492310" } ], "notes": [ { "category": "description", "text": "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12, 11, and 10 does not properly parse crossdomain.xml files, which allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unknown vectors, aka CR 6798948.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Improper parsing of crossdomain.xml files (intended access restriction bypass) (6798948)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1106" }, { "category": "external", "summary": "RHBZ#492310", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492310" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1106", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1106" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1106", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1106" } ], "release_date": "2009-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: Improper parsing of crossdomain.xml files (intended access restriction bypass) (6798948)" }, { "cve": "CVE-2009-1107", "discovery_date": "2009-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "492312" } ], "notes": [ { "category": "description", "text": "The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a \"Swing JLabel HTML parsing vulnerability,\" aka CR 6782871.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Signed applet remote misuse possibility (6782871)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1107" }, { "category": "external", "summary": "RHBZ#492312", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492312" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1107", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1107" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1107", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1107" } ], "release_date": "2009-03-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: Signed applet remote misuse possibility (6782871)" }, { "cve": "CVE-2009-2625", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512921" } ], "notes": [ { "category": "description", "text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: XML parsing Denial-Of-Service (6845701)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2625" }, { "category": "external", "summary": "RHBZ#512921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2625", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2625" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: XML parsing Denial-Of-Service (6845701)" }, { "cve": "CVE-2009-2670", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512896" } ], "notes": [ { "category": "description", "text": "The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Untrusted applet System properties access (6738524)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2670" }, { "category": "external", "summary": "RHBZ#512896", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512896" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2670", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2670" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2670" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK Untrusted applet System properties access (6738524)" }, { "cve": "CVE-2009-2671", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2671" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2671", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2671" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2671" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2672", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512907" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to browser cookies by untrusted (1) applets and (2) Java Web Start applications, which allows remote attackers to hijack web sessions via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK Proxy mechanism information leaks (6801071)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2672" }, { "category": "external", "summary": "RHBZ#512907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2672", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2672" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2672" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK Proxy mechanism information leaks (6801071)" }, { "cve": "CVE-2009-2673", "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512914" } ], "notes": [ { "category": "description", "text": "The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2673" }, { "category": "external", "summary": "RHBZ#512914", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512914" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2673", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2673" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2673" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK proxy mechanism allows non-authorized socket connections (6801497)" }, { "cve": "CVE-2009-2674", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512915" } ], "notes": [ { "category": "description", "text": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer JPEG processing integer overflow (6823373)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2674" }, { "category": "external", "summary": "RHBZ#512915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2674", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2674" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer JPEG processing integer overflow (6823373)" }, { "cve": "CVE-2009-2675", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2009-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "512920" } ], "notes": [ { "category": "description", "text": "Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a Pack200-compressed JAR file, which leads to a heap-based buffer overflow during decompression.", "title": "Vulnerability description" }, { "category": "summary", "text": "Java Web Start Buffer unpack200 processing integer overflow (6830335)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2675" }, { "category": "external", "summary": "RHBZ#512920", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512920" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2675", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2675" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2675" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "Java Web Start Buffer unpack200 processing integer overflow (6830335)" }, { "cve": "CVE-2009-2676", "discovery_date": "2009-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "515890" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in JNLPAppletlauncher in Sun Java SE, and SE for Business, in JDK and JRE 6 Update 14 and earlier and JDK and JRE 5.0 Update 19 and earlier; and Java SE for Business in SDK and JRE 1.4.2_21 and earlier; allows remote attackers to create or modify arbitrary files via vectors involving an untrusted Java applet that accesses an old version of JNLPAppletLauncher.", "title": "Vulnerability description" }, { "category": "summary", "text": "JRE applet launcher vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-2676" }, { "category": "external", "summary": "RHBZ#515890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515890" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-2676", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2676" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2676" } ], "release_date": "2009-08-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JRE applet launcher vulnerability" }, { "cve": "CVE-2009-3865", "discovery_date": "2009-11-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533211" } ], "notes": [ { "category": "description", "text": "The launch method in the Deployment Toolkit plugin in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3865" }, { "category": "external", "summary": "RHBZ#533211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533211" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3865", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3865" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3865", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3865" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752)" }, { "cve": "CVE-2009-3866", "discovery_date": "2009-11-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533212" } ], "notes": [ { "category": "description", "text": "The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an unintended trusted application, aka Bug Id 6872824.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3866" }, { "category": "external", "summary": "RHBZ#533212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533212" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3866", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3866" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3866", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3866" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824)" }, { "cve": "CVE-2009-3867", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2009-11-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533214" } ], "notes": [ { "category": "description", "text": "Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3867" }, { "category": "external", "summary": "RHBZ#533214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533214" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3867", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3867" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3867", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3867" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303)" }, { "cve": "CVE-2009-3868", "discovery_date": "2009-11-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "533215" } ], "notes": [ { "category": "description", "text": "Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970.", "title": "Vulnerability description" }, { "category": "summary", "text": "java-1.6.0-sun: Privilege escalation via crafted image file due improper color profiles parsing (6862970)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3868" }, { "category": "external", "summary": "RHBZ#533215", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=533215" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3868", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3868" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3868", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3868" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "java-1.6.0-sun: Privilege escalation via crafted image file due improper color profiles parsing (6862970)" }, { "cve": "CVE-2009-3869", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530062" } ], "notes": [ { "category": "description", "text": "Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JRE AWT setDifflCM stack overflow (6872357)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3869" }, { "category": "external", "summary": "RHBZ#530062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530062" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3869", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3869" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3869", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3869" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK JRE AWT setDifflCM stack overflow (6872357)" }, { "cve": "CVE-2009-3871", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530063" } ], "notes": [ { "category": "description", "text": "Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JRE AWT setBytePixels heap overflow (6872358)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3871" }, { "category": "external", "summary": "RHBZ#530063", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530063" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3871", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3871" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3871", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3871" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK JRE AWT setBytePixels heap overflow (6872358)" }, { "cve": "CVE-2009-3872", "discovery_date": "2009-11-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "532906" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969.", "title": "Vulnerability description" }, { "category": "summary", "text": "JRE JPEG JFIF Decoder issue (6862969)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3872" }, { "category": "external", "summary": "RHBZ#532906", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=532906" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3872", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3872" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3872", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3872" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JRE JPEG JFIF Decoder issue (6862969)" }, { "cve": "CVE-2009-3873", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530053" } ], "notes": [ { "category": "description", "text": "The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a \"quantization problem,\" aka Bug Id 6862968.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK JPEG Image Writer quantization problem (6862968)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3873" }, { "category": "external", "summary": "RHBZ#530053", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530053" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3873", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3873" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3873", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3873" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK JPEG Image Writer quantization problem (6862968)" }, { "cve": "CVE-2009-3874", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530067" } ], "notes": [ { "category": "description", "text": "Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK ImageI/O JPEG heap overflow (6874643)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3874" }, { "category": "external", "summary": "RHBZ#530067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530067" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3874", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3874" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3874", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3874" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK ImageI/O JPEG heap overflow (6874643)" }, { "cve": "CVE-2009-3875", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530057" } ], "notes": [ { "category": "description", "text": "The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to spoof HMAC-based digital signatures, and possibly bypass authentication, via unspecified vectors related to \"timing attack vulnerabilities,\" aka Bug Id 6863503.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3875" }, { "category": "external", "summary": "RHBZ#530057", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530057" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3875", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3875" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3875", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3875" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)" }, { "cve": "CVE-2009-3876", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530061" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3876" }, { "category": "external", "summary": "RHBZ#530061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530061" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3876", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3876" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3876", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3876" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877" }, { "cve": "CVE-2009-3877", "discovery_date": "2009-10-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "530061" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3877" }, { "category": "external", "summary": "RHBZ#530061", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=530061" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3877", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3877" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3877", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3877" } ], "release_date": "2009-11-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-14T16:32:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0043" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.src", "4AS-RHNSAT5.3:java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4.x86_64", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.i386", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.s390x", "4AS-RHNSAT5.3:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.3.el4.x86_64", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.src", "5Server-Satellite53:java-1.6.0-ibm-1:1.6.0.7-1jpp.2.el5.x86_64", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.i386", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.s390x", "5Server-Satellite53:java-1.6.0-ibm-devel-1:1.6.0.7-1jpp.2.el5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877" } ] }
gsd-2009-2674
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2009-2674", "description": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.", "id": "GSD-2009-2674", "references": [ "https://www.suse.com/security/cve/CVE-2009-2674.html", "https://access.redhat.com/errata/RHSA-2010:0043", "https://access.redhat.com/errata/RHSA-2009:1582", "https://access.redhat.com/errata/RHSA-2009:1201", "https://access.redhat.com/errata/RHSA-2009:1200", "https://linux.oracle.com/cve/CVE-2009-2674.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2009-2674" ], "details": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.", "id": "GSD-2009-2674", "modified": "2023-12-13T01:19:46.463814Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-2674", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-09-050/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-050/" }, { "name": "RHSA-2009:1200", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "name": "36162", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36162" }, { "name": "ADV-2009-2543", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "name": "GLSA-200911-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml" }, { "name": "HPSBUX02476", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10073", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10073" }, { "name": "36248", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36248" }, { "name": "263428", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263428-1" }, { "name": "MDVSA-2009:209", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "name": "FEDORA-2009-8329", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "name": "SSRT090250", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "TA09-294A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "name": "36180", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36180" }, { "name": "oval:org.mitre.oval:def:8073", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8073" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1", "refsource": "CONFIRM", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "name": "36176", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36176" }, { "name": "FEDORA-2009-8337", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "name": "SUSE-SR:2009:016", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html" }, { "name": "37300", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37300" }, { "name": "APPLE-SA-2009-09-03-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "name": "SUSE-SA:2009:053", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "name": "RHSA-2009:1201", "refsource": "REDHAT", "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "name": "SUSE-SA:2009:043", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html" }, { "name": "37386", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37386" }, { "name": "sun-jre-jpeg-bo(52339)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52339" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:6:update_8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:6:update_7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-2674" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-264" } ] } ] }, "references": { "reference_data": [ { "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1", "refsource": "CONFIRM", "tags": [ "Patch" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "name": "263428", "refsource": "SUNALERT", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263428-1" }, { "name": "SUSE-SA:2009:043", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html" }, { "name": "RHSA-2009:1200", "refsource": "REDHAT", "tags": [], "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "name": "FEDORA-2009-8329", "refsource": "FEDORA", "tags": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "name": "FEDORA-2009-8337", "refsource": "FEDORA", "tags": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-09-050/", "refsource": "MISC", "tags": [], "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-050/" }, { "name": "36176", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36176" }, { "name": "RHSA-2009:1201", "refsource": "REDHAT", "tags": [], "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "name": "36162", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36162" }, { "name": "36248", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36248" }, { "name": "36180", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/36180" }, { "name": "MDVSA-2009:209", "refsource": "MANDRIVA", "tags": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "name": "APPLE-SA-2009-09-03-1", "refsource": "APPLE", "tags": [], "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "name": "ADV-2009-2543", "refsource": "VUPEN", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "name": "SUSE-SR:2009:016", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html" }, { "name": "TA09-294A", "refsource": "CERT", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "name": "SUSE-SA:2009:053", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "name": "GLSA-200911-02", "refsource": "GENTOO", "tags": [], "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml" }, { "name": "37300", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37300" }, { "name": "SSRT090250", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "name": "37386", "refsource": "SECUNIA", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37386" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html", "refsource": "CONFIRM", "tags": [], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "name": "sun-jre-jpeg-bo(52339)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52339" }, { "name": "oval:org.mitre.oval:def:8073", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8073" }, { "name": "oval:org.mitre.oval:def:10073", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10073" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false } }, "lastModifiedDate": "2018-10-30T16:25Z", "publishedDate": "2009-08-05T19:30Z" } } }
ghsa-3fh4-76x3-9pjc
Vulnerability from github
Published
2022-05-02 03:37
Modified
2022-05-02 03:37
Details
Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.
{ "affected": [], "aliases": [ "CVE-2009-2674" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2009-08-05T19:30:00Z", "severity": "HIGH" }, "details": "Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during display to a splash screen, which triggers a heap-based buffer overflow.", "id": "GHSA-3fh4-76x3-9pjc", "modified": "2022-05-02T03:37:33Z", "published": "2022-05-02T03:37:33Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2674" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52339" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10073" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8073" }, { "type": "WEB", "url": "https://rhn.redhat.com/errata/RHSA-2009-1200.html" }, { "type": "WEB", "url": "https://rhn.redhat.com/errata/RHSA-2009-1201.html" }, { "type": "WEB", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html" }, { "type": "WEB", "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html" }, { "type": "WEB", "url": "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-08/msg00003.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2" }, { "type": "WEB", "url": "http://secunia.com/advisories/36162" }, { "type": "WEB", "url": "http://secunia.com/advisories/36176" }, { "type": "WEB", "url": "http://secunia.com/advisories/36180" }, { "type": "WEB", "url": "http://secunia.com/advisories/36248" }, { "type": "WEB", "url": "http://secunia.com/advisories/37300" }, { "type": "WEB", "url": "http://secunia.com/advisories/37386" }, { "type": "WEB", "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml" }, { "type": "WEB", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1" }, { "type": "WEB", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263428-1" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html" }, { "type": "WEB", "url": "http://www.us-cert.gov/cas/techalerts/TA09-294A.html" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2009/2543" }, { "type": "WEB", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-050" } ], "schema_version": "1.4.0", "severity": [] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.